CVE-2021-47594: 
Linux Kernel vulnerability analysis and mitigation

CVE-2021-47594 affects the Linux kernel's MPTCP (Multipath TCP) implementation. The vulnerability was discovered when deleting an endpoint where the netlink PM traverses all local MPTCP sockets regardless of their status. If an MPTCP listener socket is bound to the IP matching the delete endpoint, the listener TCP socket will be closed unexpectedly, as the PM should only affect data subflows. This vulnerability affects Linux kernel versions from 5.13 up to (excluding) 5.15.11, and version 5.16 release candidates RC1 through RC5 (NVD).

The vulnerability stems from improper handling of socket states in the MPTCP netlink path manager. When processing endpoint deletion, the code fails to properly check the socket state before attempting operations, leading to unexpected closure of listener sockets. The issue has a CVSS v3.1 Base Score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. Additionally, the vulnerability can trigger a NULL pointer dereference in the kernel's locking subsystem (Kernel Patch).

The vulnerability can lead to two primary impacts: unexpected closure of legitimate MPTCP listener sockets, which can disrupt network services, and potential system crashes due to NULL pointer dereference when the vulnerability is triggered. This can affect system availability and stability of network services using MPTCP (NVD).

The vulnerability has been fixed by explicitly skipping MPTCP sockets in TCP_LISTEN status during endpoint deletion processing. The fix was implemented in kernel patches that add a state check before processing socket operations. Users should upgrade to Linux kernel version 5.15.11 or later, or apply the available security patches (Kernel Patch).