[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-71088":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-15T22:50:23.791Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":18,"aliases":19,"duplicate_of":9,"upstream":20,"downstream":21,"duplicates":92,"related":93,"reserved_at":9,"published_at":107,"modified_at":108,"state":109,"summary":110,"references_raw":119,"kevs":142,"epss":143,"epss_history":146,"metrics":420,"affected":426},"CVE-2025-71088","In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fallback earlier on simult connection\n\nSyzkaller reports a simult-connect race leading to inconsistent fallback\nstatus:\n\n  WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflow_data_ready+0x40b/0x7c0 net/mptcp/subflow.c:1515\n  Modules linked in:\n  CPU: 3 UID: 0 PID: 33 Comm: ksoftirqd/3 Not tainted syzkaller #0 PREEMPT(full)\n  Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n  RIP: 0010:subflow_data_ready+0x40b/0x7c0 net/mptcp/subflow.c:1515\n  Code: 89 ee e8 78 61 3c f6 40 84 ed 75 21 e8 8e 66 3c f6 44 89 fe bf 07 00 00 00 e8 c1 61 3c f6 41 83 ff 07 74 09 e8 76 66 3c f6 90 \u003C0f> 0b 90 e8 6d 66 3c f6 48 89 df e8 e5 ad ff ff 31 ff 89 c5 89 c6\n  RSP: 0018:ffffc900006cf338 EFLAGS: 00010246\n  RAX: 0000000000000000 RBX: ffff888031acd100 RCX: ffffffff8b7f2abf\n  RDX: ffff88801e6ea440 RSI: ffffffff8b7f2aca RDI: 0000000000000005\n  RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000007\n  R10: 0000000000000004 R11: 0000000000002c10 R12: ffff88802ba69900\n  R13: 1ffff920000d9e67 R14: ffff888046f81800 R15: 0000000000000004\n  FS:  0000000000000000(0000) GS:ffff8880d69bc000(0000) knlGS:0000000000000000\n  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n  CR2: 0000560fc0ca1670 CR3: 0000000032c3a000 CR4: 0000000000352ef0\n  Call Trace:\n   \u003CTASK>\n   tcp_data_queue+0x13b0/0x4f90 net/ipv4/tcp_input.c:5197\n   tcp_rcv_state_process+0xfdf/0x4ec0 net/ipv4/tcp_input.c:6922\n   tcp_v6_do_rcv+0x492/0x1740 net/ipv6/tcp_ipv6.c:1672\n   tcp_v6_rcv+0x2976/0x41e0 net/ipv6/tcp_ipv6.c:1918\n   ip6_protocol_deliver_rcu+0x188/0x1520 net/ipv6/ip6_input.c:438\n   ip6_input_finish+0x1e4/0x4b0 net/ipv6/ip6_input.c:489\n   NF_HOOK include/linux/netfilter.h:318 [inline]\n   NF_HOOK include/linux/netfilter.h:312 [inline]\n   ip6_input+0x105/0x2f0 net/ipv6/ip6_input.c:500\n   dst_input include/net/dst.h:471 [inline]\n   ip6_rcv_finish net/ipv6/ip6_input.c:79 [inline]\n   NF_HOOK include/linux/netfilter.h:318 [inline]\n   NF_HOOK include/linux/netfilter.h:312 [inline]\n   ipv6_rcv+0x264/0x650 net/ipv6/ip6_input.c:311\n   __netif_receive_skb_one_core+0x12d/0x1e0 net/core/dev.c:5979\n   __netif_receive_skb+0x1d/0x160 net/core/dev.c:6092\n   process_backlog+0x442/0x15e0 net/core/dev.c:6444\n   __napi_poll.constprop.0+0xba/0x550 net/core/dev.c:7494\n   napi_poll net/core/dev.c:7557 [inline]\n   net_rx_action+0xa9f/0xfe0 net/core/dev.c:7684\n   handle_softirqs+0x216/0x8e0 kernel/softirq.c:579\n   run_ksoftirqd kernel/softirq.c:968 [inline]\n   run_ksoftirqd+0x3a/0x60 kernel/softirq.c:960\n   smpboot_thread_fn+0x3f7/0xae0 kernel/smpboot.c:160\n   kthread+0x3c2/0x780 kernel/kthread.c:463\n   ret_from_fork+0x5d7/0x6f0 arch/x86/kernel/process.c:148\n   ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n   \u003C/TASK>\n\nThe TCP subflow can process the simult-connect syn-ack packet after\ntransitioning to TCP_FIN1 state, bypassing the MPTCP fallback check,\nas the sk_state_change() callback is not invoked for * -> FIN_WAIT1\ntransitions.\n\nThat will move the msk socket to an inconsistent status and the next\nincoming data will hit the reported splat.\n\nClose the race moving the simult-fallback check at the earliest possible\nstage - that is at syn-ack generation time.\n\nAbout the fixes tags: [2] was supposed to also fix this issue introduced\nby [3]. [1] is required as a dependence: it was not explicitly marked as\na fix, but it is one and it has already been backported before [3]. In\nother words, this commit should be backported up to [3], including [2]\nand [1] if that's not already there.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":9,"likelihood_of_exploit":9,"capec":17},"NVD-CWE-NOINFO","Insufficient Information","NVD uses this CWE ID when there is insufficient information to assign a specific CWE.","placeholder","NVD-Reserved",[],[],[],[],[22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90],{"_key":23},"DLA-4476-1",{"_key":25},"DSA-6126-1",{"_key":27},"DSA-6127-1",{"_key":29},"SUSE-SU-2026:0447-1",{"_key":31},"SUSE-SU-2026:0472-1",{"_key":33},"SUSE-SU-2026:0587-1",{"_key":35},"SUSE-SU-2026:20477-1",{"_key":37},"SUSE-SU-2026:20498-1",{"_key":39},"SUSE-SU-2026:20555-1",{"_key":41},"SUSE-SU-2026:20599-1",{"_key":43},"SUSE-SU-2026:20615-1",{"_key":45},"OPENSUSE-SU-2026:20287-1",{"_key":47},"SUSE-SU-2026:20845-1",{"_key":49},"SUSE-SU-2026:20876-1",{"_key":51},"MGASA-2026-0017",{"_key":53},"MGASA-2026-0018",{"_key":55},"USN-8277-1",{"_key":57},"USN-8277-2",{"_key":59},"USN-8179-1",{"_key":61},"USN-8179-2",{"_key":63},"USN-8179-3",{"_key":65},"USN-8179-4",{"_key":67},"USN-8184-1",{"_key":69},"USN-8185-1",{"_key":71},"USN-8185-2",{"_key":73},"USN-8203-1",{"_key":75},"USN-8204-1",{"_key":77},"USN-8258-1",{"_key":79},"USN-8260-1",{"_key":81},"USN-8261-1",{"_key":83},"USN-8265-1",{"_key":85},"USN-8310-1",{"_key":87},"USN-8374-1",{"_key":89},"UBUNTU-CVE-2025-71088",{"_key":91},"DEBIAN-CVE-2025-71088",[],[94,95,96,97,98,99,100,101,102,103,104,105,106],{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},"2026-01-13T15:34:50.377Z","2026-05-23T16:03:09.928Z","Analyzed",{"cisa_kev":111,"cisa_ransomware":111,"cisa_vendor":9,"epss_severity":112,"epss_score":113,"severity":114,"severity_score":115,"severity_version":116,"severity_source":117,"severity_vector":118,"severity_status":109},false,"low",0.00121,"medium",5.5,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[120,126,130,134,138],{"url":121,"sources":122,"tags":124},"https://git.kernel.org/stable/c/b5f46a08269265e2f5e87d855287d6d22de0a32b",[123,117],"cve.org",[125],"Patch",{"url":127,"sources":128,"tags":129},"https://git.kernel.org/stable/c/c9bf315228287653522894df9d851e9b43db9516",[123,117],[125],{"url":131,"sources":132,"tags":133},"https://git.kernel.org/stable/c/79f80a7a47849ef1b3c25a0bedcc448b9cb551c1",[123,117],[125],{"url":135,"sources":136,"tags":137},"https://git.kernel.org/stable/c/25f1ae942c097b7ae4ce5c2b9c6fefb8e3672b86",[123,117],[125],{"url":139,"sources":140,"tags":141},"https://git.kernel.org/stable/c/71154bbe49423128c1c8577b6576de1ed6836830",[123,117],[125],[],{"date":144,"score":113,"percentile":145},"2026-06-15",0.02229,[147,151,154,157,160,163,167,170,173,176,179,182,185,188,191,194,197,200,203,206,209,212,215,218,221,224,227,230,233,236,239,242,246,249,251,254,257,260,263,266,269,272,275,278,281,284,287,290,293,296,299,302,305,308,311,314,317,320,323,326,329,332,335,338,341,344,347,350,354,357,360,363,366,369,372,375,378,381,384,387,390,393,396,399,402,405,408,411,414,417],{"date":148,"score":149,"percentile":150},"2026-01-14",0.00018,0.03871,{"date":152,"score":149,"percentile":153},"2026-01-15",0.03803,{"date":155,"score":149,"percentile":156},"2026-01-16",0.03778,{"date":158,"score":149,"percentile":159},"2026-01-17",0.0378,{"date":161,"score":149,"percentile":162},"2026-01-18",0.03755,{"date":164,"score":165,"percentile":166},"2026-01-19",0.00024,0.05682,{"date":168,"score":165,"percentile":169},"2026-01-20",0.05641,{"date":171,"score":165,"percentile":172},"2026-01-21",0.05645,{"date":174,"score":165,"percentile":175},"2026-01-22",0.05628,{"date":177,"score":165,"percentile":178},"2026-01-23",0.05686,{"date":180,"score":165,"percentile":181},"2026-01-24",0.05732,{"date":183,"score":165,"percentile":184},"2026-01-25",0.05658,{"date":186,"score":165,"percentile":187},"2026-01-26",0.05638,{"date":189,"score":165,"percentile":190},"2026-01-27",0.05618,{"date":192,"score":165,"percentile":193},"2026-01-28",0.05603,{"date":195,"score":165,"percentile":196},"2026-01-29",0.05616,{"date":198,"score":165,"percentile":199},"2026-01-30",0.05615,{"date":201,"score":165,"percentile":202},"2026-01-31",0.05582,{"date":204,"score":165,"percentile":205},"2026-02-01",0.0565,{"date":207,"score":165,"percentile":208},"2026-02-02",0.05634,{"date":210,"score":165,"percentile":211},"2026-02-03",0.05644,{"date":213,"score":165,"percentile":214},"2026-02-04",0.05659,{"date":216,"score":165,"percentile":217},"2026-02-05",0.05716,{"date":219,"score":165,"percentile":220},"2026-02-06",0.05739,{"date":222,"score":165,"percentile":223},"2026-02-07",0.05749,{"date":225,"score":165,"percentile":226},"2026-02-08",0.05742,{"date":228,"score":165,"percentile":229},"2026-02-09",0.05715,{"date":231,"score":165,"percentile":232},"2026-02-10",0.0571,{"date":234,"score":165,"percentile":235},"2026-02-11",0.05761,{"date":237,"score":165,"percentile":238},"2026-02-12",0.05786,{"date":240,"score":165,"percentile":241},"2026-02-13",0.05796,{"date":243,"score":244,"percentile":245},"2026-02-14",0.00026,0.06591,{"date":247,"score":244,"percentile":248},"2026-02-15",0.06604,{"date":250,"score":244,"percentile":245},"2026-02-16",{"date":252,"score":244,"percentile":253},"2026-02-17",0.0656,{"date":255,"score":244,"percentile":256},"2026-02-18",0.06918,{"date":258,"score":244,"percentile":259},"2026-02-19",0.06985,{"date":261,"score":244,"percentile":262},"2026-02-20",0.06973,{"date":264,"score":244,"percentile":265},"2026-02-21",0.06992,{"date":267,"score":244,"percentile":268},"2026-02-22",0.06995,{"date":270,"score":244,"percentile":271},"2026-02-23",0.06996,{"date":273,"score":244,"percentile":274},"2026-02-24",0.06981,{"date":276,"score":244,"percentile":277},"2026-02-25",0.06915,{"date":279,"score":244,"percentile":280},"2026-02-26",0.06858,{"date":282,"score":244,"percentile":283},"2026-02-27",0.06877,{"date":285,"score":244,"percentile":286},"2026-02-28",0.06884,{"date":288,"score":244,"percentile":289},"2026-03-01",0.06937,{"date":291,"score":244,"percentile":292},"2026-03-02",0.06833,{"date":294,"score":244,"percentile":295},"2026-03-03",0.06841,{"date":297,"score":244,"percentile":298},"2026-03-04",0.06763,{"date":300,"score":244,"percentile":301},"2026-03-05",0.06789,{"date":303,"score":244,"percentile":304},"2026-03-06",0.06772,{"date":306,"score":244,"percentile":307},"2026-03-07",0.06775,{"date":309,"score":244,"percentile":310},"2026-03-08",0.06741,{"date":312,"score":244,"percentile":313},"2026-03-09",0.06705,{"date":315,"score":244,"percentile":316},"2026-03-10",0.06706,{"date":318,"score":244,"percentile":319},"2026-03-11",0.06728,{"date":321,"score":244,"percentile":322},"2026-03-12",0.06756,{"date":324,"score":244,"percentile":325},"2026-03-13",0.06774,{"date":327,"score":244,"percentile":328},"2026-03-14",0.06727,{"date":330,"score":244,"percentile":331},"2026-03-15",0.06717,{"date":333,"score":244,"percentile":334},"2026-03-16",0.06695,{"date":336,"score":244,"percentile":337},"2026-03-17",0.06682,{"date":339,"score":244,"percentile":340},"2026-03-18",0.0667,{"date":342,"score":244,"percentile":343},"2026-03-19",0.06685,{"date":345,"score":244,"percentile":346},"2026-03-20",0.06707,{"date":348,"score":244,"percentile":349},"2026-03-21",0.06926,{"date":351,"score":352,"percentile":353},"2026-03-22",0.00027,0.07356,{"date":355,"score":352,"percentile":356},"2026-03-23",0.07323,{"date":358,"score":352,"percentile":359},"2026-03-24",0.07307,{"date":361,"score":352,"percentile":362},"2026-03-25",0.07388,{"date":364,"score":149,"percentile":365},"2026-03-26",0.04284,{"date":367,"score":149,"percentile":368},"2026-03-27",0.04285,{"date":370,"score":149,"percentile":371},"2026-03-28",0.04289,{"date":373,"score":149,"percentile":374},"2026-03-29",0.04281,{"date":376,"score":149,"percentile":377},"2026-03-30",0.04257,{"date":379,"score":149,"percentile":380},"2026-03-31",0.04242,{"date":382,"score":149,"percentile":383},"2026-04-01",0.04249,{"date":385,"score":149,"percentile":386},"2026-04-02",0.0429,{"date":388,"score":149,"percentile":389},"2026-04-03",0.04311,{"date":391,"score":149,"percentile":392},"2026-04-04",0.04312,{"date":394,"score":149,"percentile":395},"2026-04-05",0.04305,{"date":397,"score":149,"percentile":398},"2026-04-06",0.04309,{"date":400,"score":149,"percentile":401},"2026-04-07",0.04323,{"date":403,"score":149,"percentile":404},"2026-04-08",0.04355,{"date":406,"score":149,"percentile":407},"2026-04-09",0.04371,{"date":409,"score":149,"percentile":410},"2026-04-10",0.04379,{"date":412,"score":149,"percentile":413},"2026-04-11",0.04364,{"date":415,"score":149,"percentile":416},"2026-04-12",0.04351,{"date":418,"score":149,"percentile":419},"2026-04-13",0.04331,[421],{"source":117,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":422,"cvss_v4_0":9},{"baseScore":115,"baseSeverity":423,"vectorString":118,"impactScore":424,"exploitabilityScore":425},"MEDIUM",6,4.6,[427,458],{"ecosystem":9,"name":428,"vendor":429,"product":429,"cpe_part":430,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":431},"Linux","linux","a",[432,439,443,446,449,452,456],{"version":433,"is_range":434,"range_type":123,"version_start":435,"version_start_type":436,"version_end":437,"version_end_type":438,"fixed_in":9},">= 01b7822700f2256900089e00390e119e1ad545df, \u003C b5f46a08269265e2f5e87d855287d6d22de0a32b",true,"01b7822700f2256900089e00390e119e1ad545df","including","b5f46a08269265e2f5e87d855287d6d22de0a32b","excluding",{"version":440,"is_range":434,"range_type":123,"version_start":441,"version_start_type":436,"version_end":442,"version_end_type":438,"fixed_in":9},">= 1e777f39b4d75e599a3aac8e0f67d739474f198c, \u003C c9bf315228287653522894df9d851e9b43db9516","1e777f39b4d75e599a3aac8e0f67d739474f198c","c9bf315228287653522894df9d851e9b43db9516",{"version":444,"is_range":434,"range_type":123,"version_start":441,"version_start_type":436,"version_end":445,"version_end_type":438,"fixed_in":9},">= 1e777f39b4d75e599a3aac8e0f67d739474f198c, \u003C 79f80a7a47849ef1b3c25a0bedcc448b9cb551c1","79f80a7a47849ef1b3c25a0bedcc448b9cb551c1",{"version":447,"is_range":434,"range_type":123,"version_start":441,"version_start_type":436,"version_end":448,"version_end_type":438,"fixed_in":9},">= 1e777f39b4d75e599a3aac8e0f67d739474f198c, \u003C 25f1ae942c097b7ae4ce5c2b9c6fefb8e3672b86","25f1ae942c097b7ae4ce5c2b9c6fefb8e3672b86",{"version":450,"is_range":434,"range_type":123,"version_start":441,"version_start_type":436,"version_end":451,"version_end_type":438,"fixed_in":9},">= 1e777f39b4d75e599a3aac8e0f67d739474f198c, \u003C 71154bbe49423128c1c8577b6576de1ed6836830","71154bbe49423128c1c8577b6576de1ed6836830",{"version":453,"is_range":434,"range_type":123,"version_start":454,"version_start_type":436,"version_end":455,"version_end_type":438,"fixed_in":9},">= 6.1.110, \u003C 6.1.160","6.1.110","6.1.160",{"version":457,"is_range":111,"range_type":123,"version_start":457,"version_start_type":436,"version_end":457,"version_end_type":436,"fixed_in":9},"6.2",{"ecosystem":9,"name":459,"vendor":429,"product":460,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":462},"linux kernel","linux_kernel","o",[463,466,470,474,478,479,481,483,485,487,489,491,493],{"version":464,"is_range":434,"range_type":465,"version_start":454,"version_start_type":436,"version_end":455,"version_end_type":438,"fixed_in":9},"gte6.1.110_lt6.1.160","cpe",{"version":467,"is_range":434,"range_type":465,"version_start":468,"version_start_type":436,"version_end":469,"version_end_type":438,"fixed_in":9},"gte6.2.1_lt6.6.120","6.2.1","6.6.120",{"version":471,"is_range":434,"range_type":465,"version_start":472,"version_start_type":436,"version_end":473,"version_end_type":438,"fixed_in":9},"gte6.7_lt6.12.65","6.7","6.12.65",{"version":475,"is_range":434,"range_type":465,"version_start":476,"version_start_type":436,"version_end":477,"version_end_type":438,"fixed_in":9},"gte6.13_lt6.18.4","6.13","6.18.4",{"version":457,"is_range":111,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":480,"is_range":111,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.19:rc1",{"version":482,"is_range":111,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.19:rc2",{"version":484,"is_range":111,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.19:rc3",{"version":486,"is_range":111,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.19:rc4",{"version":488,"is_range":111,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.19:rc5",{"version":490,"is_range":111,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.19:rc6",{"version":492,"is_range":111,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.19:rc7",{"version":494,"is_range":111,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"6.19:rc8"]