CVE-2024-26585

tls: fix race between tx work scheduling and socket close

References

Notes

 carnil> Introduced in a42055e8d2c3 ("net/tls: Add support for async encryption of
 carnil> records for performance"). Vulnerable versions: 4.20-rc1.

Bugs

Status

Branch Status
4.19-buster-security N/A "Vulnerable code not present"
4.19-upstream-stable N/A "Vulnerable code not present"
5.10-bullseye-security needed
5.10-upstream-stable needed
6.1-bookworm-security released (6.1.85-1)
6.1-upstream-stable released (6.1.84) [196f198ca6fce04ba6ce262f5a0e4d567d7d219d]
6.6-upstream-stable released (6.6.18) [6db22d6c7a6dc914b12c0469b94eb639b6a8a146]
6.8-upstream-stable N/A "Fixed before branching point"
sid released (6.7.7-1)
upstream released (6.8-rc5) [e01e3934a1b2d122919f73bc6ddbe1cdafc4bbdb]