A subtle ordering bug in the Linux kernel’s Multipath TCP (MPTCP) implementation has been fixed after a syzbot report exposed a race that can lead to a use‑after‑free in mptcp_schedule_work. The upstream remedy is small and surgical — reordering reference‑count operations so the socket reference...
