CVE-2024-53122: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

mptcp: cope racing subflow creation in mptcp_rcv_space_adjust

Additional active subflows - i.e. created by the in kernel path manager - are included into the subflow list before starting the 3whs.

A racing recvmsg() spooling data received on an already established subflow would unconditionally call tcp_cleanup_rbuf() on all the current subflows, potentially hitting a divide by zero error on the newly created ones.

Explicitly check that the subflow is in a suitable state before invoking tcp_cleanup_rbuf().
AI Analysis
Technical Summary
CVE-2024-53122 is a vulnerability identified in the Linux kernel's implementation of Multipath TCP (MPTCP), specifically within the subflow management code. MPTCP allows a single TCP connection to use multiple network paths simultaneously, improving redundancy and throughput. The vulnerability arises from a race condition during subflow creation in the function mptcp_rcv_space_adjust. When additional subflows are created by the kernel's path manager, they are added to the subflow list before the completion of the TCP three-way handshake (3whs). Concurrently, a racing recvmsg() call that processes incoming data on an already established subflow may invoke tcp_cleanup_rbuf() on all current subflows unconditionally. This can lead to a divide-by-zero error on newly created subflows that are not yet fully established or in a suitable state. The root cause is the lack of proper state validation before calling tcp_cleanup_rbuf(), which is responsible for cleaning up the TCP receive buffer. The fix involves explicitly checking that a subflow is in an appropriate state before invoking tcp_cleanup_rbuf(), preventing the divide-by-zero error and potential kernel crash or denial of service. This vulnerability affects Linux kernel versions identified by the commit hash c76c6956566f974bac2470bd72fc22fb923e04a1 and potentially other versions with similar MPTCP implementations. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet.
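The following user-space C model is an added example, not kernel code and not taken from the fix commit; it shows the list walk described above with and without the state check. All type and function names are hypothetical, and the zero-valued `rcv_mss` field on a subflow that has not finished its handshake is a modelling assumption standing in for the divisor the description refers to.

```c
/* User-space model, not kernel code. All names are hypothetical. */
#include <stdio.h>
#include <stddef.h>

enum sf_state { SF_SYN_SENT, SF_ESTABLISHED };

struct subflow {
    enum sf_state state;
    unsigned int rcv_mss;   /* assumption: 0 until the 3whs completes */
    unsigned int rcv_space; /* free receive space in bytes */
    unsigned int window;    /* window computed by the last cleanup */
};

/* Stand-in for tcp_cleanup_rbuf(): rounds the window down to a multiple of
 * rcv_mss. Returns -1 where an unguarded division would fault. */
static int cleanup_rbuf_model(struct subflow *sf)
{
    if (sf->rcv_mss == 0)
        return -1;
    sf->window = (sf->rcv_space / sf->rcv_mss) * sf->rcv_mss;
    return 0;
}

/* Walks the subflow list as the receive-space adjustment does. With
 * check_state == 0 every subflow is cleaned up (pre-fix behaviour); with
 * check_state != 0 subflows still in the handshake are skipped (the fix).
 * Returns the number of subflows that would have hit the zero divisor. */
static int rcv_space_adjust_model(struct subflow *list, size_t n, int check_state)
{
    int faults = 0;
    for (size_t i = 0; i < n; i++) {
        if (check_state && list[i].state != SF_ESTABLISHED)
            continue;
        if (cleanup_rbuf_model(&list[i]) < 0)
            faults++;
    }
    return faults;
}

int main(void)
{
    /* Constructed snapshot taken inside the race window: subflow 1 is
     * already on the list but has not finished its handshake. */
    struct subflow list[] = {
        { SF_ESTABLISHED, 1460, 65536, 0 },
        { SF_SYN_SENT,       0, 65536, 0 },
    };
    printf("unguarded faults: %d\n", rcv_space_adjust_model(list, 2, 0));
    printf("guarded faults:   %d\n", rcv_space_adjust_model(list, 2, 1));
    return 0;
}
```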
Potential Impact
For European organizations, this vulnerability poses a risk primarily to systems running Linux kernels with MPTCP enabled or in use, such as servers, network appliances, or embedded devices that leverage multipath TCP for network resilience or performance. Exploitation could lead to kernel crashes resulting in denial of service (DoS), impacting availability of critical services. While the vulnerability does not appear to allow privilege escalation or remote code execution directly, a DoS on network infrastructure or critical servers could disrupt business operations, especially in sectors reliant on high availability like finance, telecommunications, and public services. Given the nature of the flaw—a race condition in kernel networking code—an attacker with the ability to send crafted network traffic to affected systems could trigger the fault. The impact on confidentiality and integrity is limited, but availability impact could be significant depending on the deployment context. European organizations with Linux-based infrastructure using MPTCP should be aware of this risk and prioritize patching once updates are available.
Mitigation Recommendations
1. Apply kernel patches or updates from Linux vendors as soon as they become available that address CVE-2024-53122. Monitor official Linux kernel mailing lists and vendor advisories for patched kernel releases.
2. Temporarily disable MPTCP functionality if it is not essential for your environment to reduce exposure. This can often be done via kernel module parameters or sysctl settings.
3. Implement network-level controls to limit or filter unexpected or suspicious TCP subflow creation attempts, especially from untrusted networks.
4. Monitor system logs and kernel messages for signs of tcp_cleanup_rbuf() errors or kernel crashes that may indicate attempted exploitation.
5. Conduct thorough testing of kernel updates in staging environments before deployment to production to ensure stability.
6. For critical infrastructure, consider deploying redundancy and failover mechanisms to mitigate potential availability impacts from kernel crashes.
7. Engage with Linux distribution security teams to receive timely updates and guidance.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-11-19T17:17:24.994Z
- Cisa Enriched: false
- Cvss Version: null
- State: PUBLISHED
Threat ID: 682d9824c4522896dcbdfa7e
Added to database: 5/21/2025, 9:08:52 AM
Last enriched: 6/28/2025, 3:11:43 PM
Last updated: 8/14/2025, 4:41:15 AM