Impact
The flaw allows the TCP subflow’s receive window to be reduced even when the network namespace setting forbids it, causing the MPTCP receive window to grow larger than the receiver buffer size, potentially leading to service disruption or memory exhaustion.
Affected Systems
The vulnerable component is the Linux kernel; the issue is present in kernel versions before the fix was merged, and the fix was included in later kernel releases.
Risk and Exploitability
The CVSS score is 7.5 and the EPSS score is <1%, indicating a low probability of exploitation. The vulnerability is not listed in CISA KEV. An attacker who can influence an MPTCP connection from outside the host could craft traffic that triggers the inflated window, leading to denial of service by exhausting server resources.
OpenCVE Enrichment
Debian DLA