CVE-2025-71088 — Race Condition within a Thread in Linux
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 95.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 13
Latest updateApr 17
Description
In the Linux kernel, the following vulnerability has been resolved:
mptcp: fallback earlier on simult connection
Syzkaller reports a simult-connect race leading to inconsistent fallback
status:
WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflow_data_ready+0x40b/0x7c0 net/mptcp/subflow.c:1515
Modules linked in:
CPU: 3 UID: 0 PID: 33 Comm: ksoftirqd/3 Not tainted syzkaller #0 PREEMPT(full)
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/201…
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6
Affected Packages13 packages
Patches
🔴Vulnerability Details
3OSV▶
CVE-2025-71088: In the Linux kernel, the following vulnerability has been resolved: mptcp: fallback earlier on simult connection Syzkaller reports a simult-connect ra↗2026-01-13
GHSA▶
GHSA-7xjf-vxwf-j6g3: In the Linux kernel, the following vulnerability has been resolved:
mptcp: fallback earlier on simult connection
Syzkaller reports a simult-connect↗2026-01-13