CVE-2024-58240
BaseFortify
Publication date: 2025-08-28
Last updated on: 2025-11-03
Assigner: kernel.org
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | 6.1.153 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability relates to the Linux kernel's TLS (Transport Layer Security) implementation. It involves the handling of decryption requests when asynchronous processing is not used. The fix separates the handling of no-async decryption requests from async ones to simplify the process, avoiding complex reference counting and ensuring proper waiting for completion. This change addresses potential issues such as use-after-free (UAF) errors that were previously mitigated by earlier fixes.
How can this vulnerability impact me?
If unpatched, this vulnerability could lead to race conditions or use-after-free errors in the Linux kernel's TLS decryption process, potentially causing system instability or security issues such as crashes or exploitation by attackers. The fix improves the reliability and security of TLS decryption handling in the kernel.