In the Linux kernel, the following vulnerability has been resolved: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconnect() subflowfinishconnect() uses four fields (backup, joinid, thmac, none) that may contain garbage unless OPTIONMPTCPMPJSYNACK has been set in mptcpparse_option()