Acknowledged
Created: Aug 17, 2025
Updated: Aug 19, 2025
Found In Version: 10.24.33.1
Severity: Standard
Applicable for: Wind River Linux LTS 24
Component/s: Kernel
In the Linux kernel, the following vulnerability has been resolved:EOL][EOL]mptcp: plug races between subflow fail and subflow creation[EOL][EOL]We have races similar to the one addressed by the previous patch between[EOL]subflow failing and additional subflow creation. They are just harder to[EOL]trigger.[EOL][EOL]The solution is similar. Use a separate flag to track the condition[EOL]'socket state prevent any additional subflow creation' protected by the[EOL]fallback lock.[EOL][EOL]The socket fallback makes such flag true, and also receiving or sending[EOL]an MP_FAIL option.[EOL][EOL]The field 'allow_infinite_fallback' is now always touched under the[EOL]relevant lock, we can drop the ONCE annotation on write.
CREATE(Triage):(User=pbi-cn) [CVE-2025-38552 (https://nvd.nist.gov/vuln/detail/CVE-2025-38552)
