The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.

The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.

1. MPTCP module has an out-of-bounds write vulnerability.

Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.

The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.
This vulnerability was discovered by Dawid Golunski from Insecure.Org team.

The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.

The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.

The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.

The MPTCP module has an out-of-bounds write vulnerability

Affected Software

The MPTCP module has an out-of-bounds write vulnerability.Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information.

CVE-2022-41578

References ! [CVE-2022-41578](http://static.insecure.org/files/advisories/CVE-2022-41578.png)

1. MPTCP module has an out-of-bounds write vulnerability
2. Successful exploitation of this vulnerability may cause root privilege escalation attacks implemented by modifying program information

Vulnerable code snippet

int MPTCP_recvmsg (int sockfd, struct mptcp_hdr *mpp, char *data) { int len; int retval; memset (&mpp->control, 0, sizeof (mpp->control)); len = recvmsg (sockfd, mpp, data + sizeof (struct mptcp_hdr), MSG_PEEK); if (len

Timeline

Published on: 10/14/2022 16:15:00 UTC
Last modified on: 10/18/2022 14:49:00 UTC

References