Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling the work before calling complete(). This seems more logical in the first place, as it's the inverse order of what the submitting thread will do.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.20.0, < 6.6.18 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/196f198ca6fce04ba6ce262f5a0e4d567d7d219d
- https://git.kernel.org/stable/c/6db22d6c7a6dc914b12c0469b94eb639b6a8a146Patch
- https://git.kernel.org/stable/c/dd32621f19243f89ce830919496a5dcc2158aa33
- https://git.kernel.org/stable/c/e01e3934a1b2d122919f73bc6ddbe1cdafc4bbdbPatch
- https://git.kernel.org/stable/c/e327ed60bff4a991cd7a709c47c4f0c5b4a4fd57Patch
- https://git.kernel.org/stable/c/196f198ca6fce04ba6ce262f5a0e4d567d7d219d
- https://git.kernel.org/stable/c/6db22d6c7a6dc914b12c0469b94eb639b6a8a146Patch
- https://git.kernel.org/stable/c/e01e3934a1b2d122919f73bc6ddbe1cdafc4bbdbPatch
- https://git.kernel.org/stable/c/e327ed60bff4a991cd7a709c47c4f0c5b4a4fd57Patch
- https://lists.fedoraproject.org/archives/list/[email protected]
FAQ
What is CVE-2024-26585?
CVE-2024-26585 is a vulnerability with a CVSS score of 4.7 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) ma...
How severe is CVE-2024-26585?
CVE-2024-26585 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-26585?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.