CVE-2024-35908

May 19, 2024, 9:15 a.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: tls: get psock ref after taking rxlock to avoid leak At the start of tls_sw_recvmsg, we take a reference on the psock, and then call tls_rx_reader_lock. If that fails, we return directly without releasing the reference. Instead of adding a new label, just take the reference after locking has succeeded, since we don't need it before.

Product(s) Impacted

Product Versions
Linux kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/30fabe50a7ace3e9d57cf7f9288f33ea408491c8
https://git.kernel.org/stable/c/417e91e856099e9b8a42a2520e2255e6afe024be
https://git.kernel.org/stable/c/b565d294e3d5aa809566a4d819835da11997d8b3
https://git.kernel.org/stable/c/f1b7f14130d782433bc98c1e1e41ce6b4d4c3096

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-05-19
CVE-2024-35908

Timeline

Published: May 19, 2024, 9:15 a.m.
Last Modified: May 19, 2024, 9:15 a.m.

Status : Received

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.