CVE-2021-47591: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

mptcp: remove tcp ulp setsockopt support

TCP_ULP setsockopt cannot be used for mptcp because it's already used internally to plumb subflow (tcp) sockets to the mptcp layer.

syzbot managed to trigger a crash for mptcp connections that are in fallback mode:

    KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027]
    CPU: 1 PID: 1083 Comm: syz-executor.3 Not tainted 5.16.0-rc2-syzkaller #0
    RIP: 0010:tls_build_proto net/tls/tls_main.c:776 [inline]
    [..]
    __tcp_set_ulp net/ipv4/tcp_ulp.c:139 [inline]
    tcp_set_ulp+0x428/0x4c0 net/ipv4/tcp_ulp.c:160
    do_tcp_setsockopt+0x455/0x37c0 net/ipv4/tcp.c:3391
    mptcp_setsockopt+0x1b47/0x2400 net/mptcp/sockopt.c:638

Remove support for TCP_ULP setsockopt.
AI Analysis
Technical Summary
CVE-2021-47591 is a vulnerability in the Linux kernel's Multipath TCP (MPTCP) implementation, in its handling of the TCP_ULP (TCP Upper Layer Protocol) socket option. MPTCP is an extension of TCP that allows multiple paths to be used simultaneously between two endpoints, improving redundancy and throughput. The TCP_ULP setsockopt interface attaches an upper layer protocol to a TCP socket, and it cannot be safely used on MPTCP sockets because the MPTCP implementation already uses the ULP mechanism internally to connect its subflow (TCP) sockets to the MPTCP layer.

The issue was discovered by syzbot, an automated kernel fuzzer, which triggered a crash by using TCP_ULP setsockopt on MPTCP connections in fallback mode. The Kernel Address Sanitizer (KASAN) reported a null pointer dereference in the tls_build_proto function of the TLS subsystem, reached from mptcp_setsockopt through do_tcp_setsockopt and tcp_set_ulp. The setsockopt call therefore makes the kernel access invalid memory, leading to a kernel panic or denial of service. The fix removes support for TCP_ULP setsockopt on MPTCP sockets to prevent this unsafe operation.

This vulnerability affects Linux kernel versions including the 5.16.0-rc2 release candidate and potentially others containing the affected commits. No known exploits are reported in the wild, and no CVSS score has been assigned yet. However, the vulnerability can cause kernel crashes and potential denial of service on systems using MPTCP with TCP_ULP setsockopt, especially in fallback mode scenarios.
Potential Impact
For European organizations, the impact of CVE-2021-47591 primarily concerns systems running Linux kernels with MPTCP enabled and using TCP_ULP setsockopt functionality, such as advanced networking setups or specialized applications leveraging MPTCP for redundancy or performance. The vulnerability can lead to kernel crashes resulting in denial of service, which may disrupt critical services, especially in infrastructure relying on Linux servers for networking, cloud services, or telecommunications. Organizations in sectors like finance, telecommunications, and cloud service providers could face service interruptions or degraded network reliability. While no direct remote code execution or privilege escalation is indicated, repeated crashes could be exploited to cause persistent service outages. The lack of known exploits reduces immediate risk, but the vulnerability highlights the need for careful kernel configuration and patching to maintain system stability. Given the increasing adoption of MPTCP in mobile networks and data centers, European entities deploying such technologies must assess exposure and prioritize remediation to avoid operational disruptions.
Mitigation Recommendations
To mitigate CVE-2021-47591, European organizations should:

1) Apply the latest Linux kernel patches that remove TCP_ULP setsockopt support for MPTCP sockets, ensuring the kernel version includes the fix.
2) Audit systems to identify usage of MPTCP and TCP_ULP setsockopt calls, disabling or restricting these features if not required.
3) For environments requiring MPTCP, test updated kernels in staging to confirm stability and absence of fallback mode crashes.
4) Monitor kernel logs for signs of null pointer dereference or crashes related to tcp_ulp or mptcp sockopt operations.
5) Implement kernel hardening and memory protection features such as KASAN in development or testing environments to detect similar issues early.
6) Coordinate with application developers to avoid using TCP_ULP setsockopt on MPTCP sockets.
7) Maintain robust incident response plans to quickly recover from potential denial of service caused by kernel crashes.

These steps go beyond generic advice by focusing on kernel patching, configuration auditing, and proactive monitoring specific to MPTCP and TCP_ULP interactions.
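Recommendation 4 as detection logic, in an added example that is not part of the original page: it splits kernel log text into null-dereference reports and flags only those whose call trace contains both tcp_set_ulp and mptcp_setsockopt, the frames from the trace in the description. The function names, the non-KASAN header string and the sample log (timestamps and the second report) are assumptions constructed for illustration.

```python
import re

# Headers that open a null-dereference report: the KASAN form quoted in the
# description, and the usual form on kernels built without KASAN (assumed).
REPORT_START = re.compile(r"KASAN: null-ptr-deref|BUG: kernel NULL pointer dereference")
# Call-trace functions from the description; REQUIRED must all be present.
REQUIRED = ("tcp_set_ulp", "mptcp_setsockopt")
CONTEXT = ("tls_build_proto", "do_tcp_setsockopt")

# Constructed sample: the description's trace with made-up timestamps, then an
# invented crash on a plain TCP socket that must not be flagged.
SAMPLE_LOG = """\
[  101.01] KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027]
[  101.02] RIP: 0010:tls_build_proto net/tls/tls_main.c:776 [inline]
[  101.03]  tcp_set_ulp+0x428/0x4c0 net/ipv4/tcp_ulp.c:160
[  101.04]  do_tcp_setsockopt+0x455/0x37c0 net/ipv4/tcp.c:3391
[  101.05]  mptcp_setsockopt+0x1b47/0x2400 net/mptcp/sockopt.c:638
[  101.06] ---[ end trace 0000000000000000 ]---
[  250.01] BUG: kernel NULL pointer dereference, address: 0000000000000008
[  250.02]  tcp_set_ulp+0x10/0x4c0
[  250.03]  tcp_setsockopt+0x30/0x40
"""


def split_reports(log_text):
    """Split a kernel log into crash reports (lists of lines)."""
    reports, current = [], None
    for line in log_text.splitlines():
        if REPORT_START.search(line):
            current = [line]
            reports.append(current)
        elif current is not None:
            current.append(line)
            if "---[ end trace" in line:
                current = None
    return reports


def frames_in(report, names):
    """Names present as whole symbols, so __tcp_set_ulp is not tcp_set_ulp."""
    text = "\n".join(report)
    return [n for n in names if re.search(r"(?<!\w)" + re.escape(n) + r"(?!\w)", text)]


def find_ulp_on_mptcp_crashes(log_text):
    """Return (header, frames) for reports that set a ULP via mptcp_setsockopt."""
    return [(r[0], frames_in(r, REQUIRED + CONTEXT))
            for r in split_reports(log_text)
            if frames_in(r, REQUIRED) == list(REQUIRED)]
```

Feed it the text of `dmesg` or `journalctl -k`; on hosts that reboot after a crash, read the previous boot's kernel log instead.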
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Norway, Denmark, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-05-24T15:11:00.733Z
- CISA Enriched: true
- CVSS Version: null
- State: PUBLISHED
Threat ID: 682d9833c4522896dcbe9540
Added to database: 5/21/2025, 9:09:07 AM
Last enriched: 6/30/2025, 3:09:52 PM
Last updated: 7/30/2025, 10:06:05 AM