CVE-2026-23169 – mptcp: fix race in mptcp_pm_nl_flush_addrs_doit()

CVE ID : CVE-2026-23169

Published : Feb. 14, 2026, 4:15 p.m. | 14 minutes ago

Description : In the Linux kernel, the following vulnerability has been resolved:

mptcp: fix race in mptcp_pm_nl_flush_addrs_doit()

syzbot and Eulgyu Kim reported crashes in mptcp_pm_nl_get_local_id()
and/or mptcp_pm_nl_is_backup()

Root cause is list_splice_init() in mptcp_pm_nl_flush_addrs_doit()
which is not RCU ready.

list_splice_init_rcu() can not be called here while holding pernet->lock
spinlock.

Many thanks to Eulgyu Kim for providing a repro and testing our patches.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-23210 – ice: Fix PTP NULL pointer dereference during VSI rebuild

CVE-2026-23209 – macvlan: fix error recovery in macvlan_common_newlink()

CVE-2026-23208 – ALSA: usb-audio: Prevent excessive number of frames

CVE-2026-23207 – spi: tegra210-quad: Protect curr_xfer check in IRQ handler