CVE-2025-21705: 
Linux Kernel vulnerability analysis and mitigation

CVE-2025-21705 is a vulnerability discovered in the Linux kernel's MPTCP (Multipath TCP) implementation, specifically related to the handling of fastopen disconnect operations. The issue was identified on February 26, 2025, when Syzbot detected a data stream corruption in the kernel version 6.13.0-rc2-syzkaller. The vulnerability affects the MPTCP protocol implementation in the Linux kernel, particularly the fastopen disconnect handling mechanism (NVD).

The vulnerability stems from improper handling of disconnect() operations generated internally by the MPTCP protocol during connect FASTOPEN errors. The issue manifests in the net/mptcp/protocol.c file at line 1024, specifically in the _mptcpcleanuna function. The bug can trigger a data stream corruption warning and affects the socket disconnect counter management. The technical trace shows the error occurring in the mptcpsendmsg_fastopen function, which fails to properly handle the disconnect state (Kernel Patch).

When exploited, this vulnerability can lead to data stream corruption in MPTCP connections. The issue affects the proper handling of socket disconnections, which could potentially cause other threads waiting on the same socket lock to fail to error out correctly (Kernel Patch).

A patch has been developed and committed to address the vulnerability. The fix involves increasing the socket disconnect counter when handling FASTOPEN errors, ensuring proper error handling for threads waiting on socket locks. The patch modifies the mptcp_disconnect function to properly update the socket state and disconnect counter (Kernel Patch).