CVE-2025-23145 | Linux Kernel up to 6.1.134/6.6.87/6.12.23/6.13.11/6.14.2 mptcp /net/mptcp/subflow.c subflow_hmac_valid null pointer dereference

A vulnerability was found in Linux Kernel up to 6.1.134/6.6.87/6.12.23/6.13.11/6.14.2. It has been rated as critical. Affected by this issue is the function subflow_hmac_valid of the file /net/mptcp/subflow.c of the component mptcp. The manipulation leads to null pointer dereference.

This vulnerability is handled as CVE-2025-23145. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More