In the Linux kernel, the following vulnerability has been resolved:
net: tls: fix use-after-free with partial reads and async decrypt
tls_decrypt_sg doesn't take a reference on the pages from clear_skb,
so the put_page() in tls_decrypt_done releases them, and we trigger
a use-after-free in process_rx_list when we try to read from the
partially-read skb.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-02-21T14:59:11.229Z
Updated: 2024-08-08T19:39:35.386Z
Reserved: 2024-02-19T14:20:24.125Z
Link: CVE-2024-26582
Vulnrichment
Updated: 2024-08-02T00:07:19.870Z
NVD
Status : Analyzed
Published: 2024-02-21T15:15:09.327
Modified: 2024-03-15T13:56:41.843
Link: CVE-2024-26582
Redhat