NACK/Cmt: [SRU][F/J][PATCH 0/2] CVE-2024-26800
Juerg Haefliger
juerg.haefliger at canonical.com
Mon Sep 23 14:18:21 UTC 2024
On Mon, 23 Sep 2024 14:28:29 +0200
Thibault Ferrante <thibault.ferrante at canonical.com> wrote:
> On 05-09-2024 16:26, Juerg Haefliger wrote:
> > https://ubuntu.com/security/CVE-2024-26800
> >
> > [ Impact ]
> >
> > Potential use-after-free in async kTLS decryption.
> >
> >
> > [ Test Case ]
> >
> > Using tcrypt/pcrypt, verified that modified code is called when running the tls kernel
> > selftests and that no new failures are introduced.
> >
> >
> > [ Where Problems Could Occur ]
> >
> > Limited to async kernel-space TLS (kTLS) decryption (which requires special crypto acceleration
> > hardware).
> >
>
> Both patch `tls: separate no-async decryption request handling from async` should be backported as there is context changes.
> Everything is good except that.
That commit is a clean cherry-pick:
$ git am 0001-tls-rx-coalesce-exit-paths-in-tls_decrypt_sg.patch
Applying: tls: rx: coalesce exit paths in tls_decrypt_sg()
$ git cherry-pick 41532b785e9d79636b3815a64ddf6a096647d011
Auto-merging net/tls/tls_sw.c
[foo db2a1cfbbea2] tls: separate no-async decryption request handling from async
Author: Sabrina Dubroca <sd at queasysnail.net>
Date: Wed Feb 28 23:43:59 2024 +0100
1 file changed, 8 insertions(+), 5 deletions(-)
...Juerg
> --
> Thibault
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20240923/c48ed396/attachment.sig>
More information about the kernel-team
mailing list