retired/CVE-2024-26800


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: tls: fix use-after-free on failed backlog decryption
References:
Notes:
 carnil> Introduced in 859054147318 ("net: tls: handle backlogging of crypto requests").
 carnil> Vulnerable versions: 6.1.84 6.6.18 6.7.6 6.8-rc5.
Bugs:
upstream: released (6.8-rc7) [13114dc5543069f7b97991e3b79937b6da05f5b0]
6.7-upstream-stable: released (6.7.9) [1ac9fb84bc7ecd4bc6428118301d9d864d2a58d1]
6.6-upstream-stable: released (6.6.21) [81be85353b0f5a7b660635634b655329b429eefe]
6.1-upstream-stable: released (6.1.84) [f2b85a4cc763841843de693bbd7308fe9a2c4c89]
5.10-upstream-stable: N/A "Vulnerable code not present"
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.7.9-1)
6.1-bookworm-security: released (6.1.85-1)
5.10-bullseye-security: N/A "Vulnerable code not present"
4.19-buster-security: N/A "Vulnerable code not present"