CVE-2025-68221

medium

Description

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix address removal logic in mptcp_pm_nl_rm_addr Fix inverted WARN_ON_ONCE condition that prevented normal address removal counter updates. The current code only executes decrement logic when the counter is already 0 (abnormal state), while normal removals (counter > 0) are ignored.

References

https://git.kernel.org/stable/c/f7d953c38245c0e9d8e268fb6a9e524602fb44ec

https://git.kernel.org/stable/c/92e239e36d600002559074994a545fcfac9afd2d

Details

Source: Mitre, NVD

Published: 2025-12-16

Updated: 2025-12-18

Risk Information

CVSS v2

Base Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:P/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018