CVE-2024-26585

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-26585
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26585.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-26585
Downstream
Related
Published
2024-02-21T15:15:09Z
Modified
2025-08-09T19:01:27Z
Severity
  • 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

tls: fix race between tx work scheduling and socket close

Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling the work before calling complete(). This seems more logical in the first place, as it's the inverse order of what the submitting thread will do.

References

Affected packages