CVE-2024-45010: 
Linux Kernel vulnerability analysis and mitigation

CVE-2024-45010 affects the Linux kernel's MPTCP (Multipath TCP) implementation. The vulnerability was discovered during testing of the 'remove single address' subtest from the mptcp_join.sh selftests and was publicly disclosed on September 11, 2024. The issue affects Linux kernel versions from 5.13 up to versions before 6.1.108, 6.6.48, and 6.10.7 (NVD).

The vulnerability stems from incorrect handling of the local_addr_used counter in the MPTCP path manager. When removing a 'signal' endpoint, it triggers the removal of all subflows linked to this endpoint via mptcp_pm_nl_rm_addr_or_subflow() with rm_type == MPTCP_MIB_RMSUBFLOW. This incorrectly decrements the local_addr_used counter, which should only be associated with 'subflow' endpoints. The issue has a CVSS v3.1 Base Score of 5.5 (Medium) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (NVD).

The vulnerability can lead to incorrect handling of MPTCP subflow management, potentially affecting the availability of network connections using MPTCP. The issue specifically impacts the counter that tracks local address usage, which could lead to resource management problems in the MPTCP subsystem (Kernel Patch).

The issue has been fixed in Linux kernel versions 6.1.108, 6.6.48, and 6.10.7. The fix involves modifying the handling of the local_addr_used counter to ensure it is only decremented for 'subflow' endpoints and not for 'signal' endpoints. The patch also adds a warning (WARN_ON_ONCE) to detect potential counter underflows (Kernel Patch).