CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-26800

In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and crypto_aead_decrypt returns -EBUSY, tls_do_decryption will wait until all async decryptions have completed. If one of them fails, tls_do_decryption will return -EBADMSG and tls_decrypt_sg jumps to the error path, releasing all the pages. But the pages have been passed to the async callback, and have already been released by tls_decrypt_done. The only true async case is when crypto_aead_decrypt returns -EINPROGRESS. With -EBUSY, we already waited so we can tell tls_sw_recvmsg that the data is available for immediate copy, but we need to notify tls_decrypt_sg (via the new ->async_done flag) that the memory has already been released.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.1%

CVSS Severity

CVSS v3 Score 7.8

References

Products affected by CVE-2024-26800

Linux » Linux Kernel » Version: 5.15.160

cpe:2.3:o:linux:linux_kernel:5.15.160
Linux » Linux Kernel » Version: 5.15.161

cpe:2.3:o:linux:linux_kernel:5.15.161
Linux » Linux Kernel » Version: 5.15.162

cpe:2.3:o:linux:linux_kernel:5.15.162
Linux » Linux Kernel » Version: 5.15.163

cpe:2.3:o:linux:linux_kernel:5.15.163
Linux » Linux Kernel » Version: 5.15.164

cpe:2.3:o:linux:linux_kernel:5.15.164
Linux » Linux Kernel » Version: 5.15.165

cpe:2.3:o:linux:linux_kernel:5.15.165
Linux » Linux Kernel » Version: 5.15.166

cpe:2.3:o:linux:linux_kernel:5.15.166
Linux » Linux Kernel » Version: 5.15.167

cpe:2.3:o:linux:linux_kernel:5.15.167
Linux » Linux Kernel » Version: 5.15.168

cpe:2.3:o:linux:linux_kernel:5.15.168
Linux » Linux Kernel » Version: 5.15.169

cpe:2.3:o:linux:linux_kernel:5.15.169
Linux » Linux Kernel » Version: 5.15.170

cpe:2.3:o:linux:linux_kernel:5.15.170
Linux » Linux Kernel » Version: 5.15.171

cpe:2.3:o:linux:linux_kernel:5.15.171
Linux » Linux Kernel » Version: 5.15.172

cpe:2.3:o:linux:linux_kernel:5.15.172
Linux » Linux Kernel » Version: 5.15.173

cpe:2.3:o:linux:linux_kernel:5.15.173
Linux » Linux Kernel » Version: 5.15.174

cpe:2.3:o:linux:linux_kernel:5.15.174
Linux » Linux Kernel » Version: 5.15.175

cpe:2.3:o:linux:linux_kernel:5.15.175
Linux » Linux Kernel » Version: 5.15.176

cpe:2.3:o:linux:linux_kernel:5.15.176
Linux » Linux Kernel » Version: 5.15.177

cpe:2.3:o:linux:linux_kernel:5.15.177
Linux » Linux Kernel » Version: 5.15.178

cpe:2.3:o:linux:linux_kernel:5.15.178
Linux » Linux Kernel » Version: 5.15.179

cpe:2.3:o:linux:linux_kernel:5.15.179
Linux » Linux Kernel » Version: 5.15.180

cpe:2.3:o:linux:linux_kernel:5.15.180
Linux » Linux Kernel » Version: 5.15.181

cpe:2.3:o:linux:linux_kernel:5.15.181
Linux » Linux Kernel » Version: 5.15.182

cpe:2.3:o:linux:linux_kernel:5.15.182
Linux » Linux Kernel » Version: 5.15.183

cpe:2.3:o:linux:linux_kernel:5.15.183
Linux » Linux Kernel » Version: 5.15.184

cpe:2.3:o:linux:linux_kernel:5.15.184
Linux » Linux Kernel » Version: 5.15.185

cpe:2.3:o:linux:linux_kernel:5.15.185
Linux » Linux Kernel » Version: 5.15.186

cpe:2.3:o:linux:linux_kernel:5.15.186
Linux » Linux Kernel » Version: 5.15.187

cpe:2.3:o:linux:linux_kernel:5.15.187
Linux » Linux Kernel » Version: 5.15.188

cpe:2.3:o:linux:linux_kernel:5.15.188
Linux » Linux Kernel » Version: 5.15.189

cpe:2.3:o:linux:linux_kernel:5.15.189
Linux » Linux Kernel » Version: 5.15.190

cpe:2.3:o:linux:linux_kernel:5.15.190
Linux » Linux Kernel » Version: 5.15.191

cpe:2.3:o:linux:linux_kernel:5.15.191
Linux » Linux Kernel » Version: 5.15.192

cpe:2.3:o:linux:linux_kernel:5.15.192
Linux » Linux Kernel » Version: 5.15.193

cpe:2.3:o:linux:linux_kernel:5.15.193
Linux » Linux Kernel » Version: 5.15.194

cpe:2.3:o:linux:linux_kernel:5.15.194
Linux » Linux Kernel » Version: 5.15.195

cpe:2.3:o:linux:linux_kernel:5.15.195
Linux » Linux Kernel » Version: 5.15.196

cpe:2.3:o:linux:linux_kernel:5.15.196
Linux » Linux Kernel » Version: 5.15.197

cpe:2.3:o:linux:linux_kernel:5.15.197
Linux » Linux Kernel » Version: 5.15.198

cpe:2.3:o:linux:linux_kernel:5.15.198
Linux » Linux Kernel » Version: 5.15.199

cpe:2.3:o:linux:linux_kernel:5.15.199
Linux » Linux Kernel » Version: 5.15.200

cpe:2.3:o:linux:linux_kernel:5.15.200
Linux » Linux Kernel » Version: 5.15.201

cpe:2.3:o:linux:linux_kernel:5.15.201
Linux » Linux Kernel » Version: 5.15.202

cpe:2.3:o:linux:linux_kernel:5.15.202
Linux » Linux Kernel » Version: 5.15.203

cpe:2.3:o:linux:linux_kernel:5.15.203
Linux » Linux Kernel » Version: 6.6.18

cpe:2.3:o:linux:linux_kernel:6.6.18
Linux » Linux Kernel » Version: 6.6.19

cpe:2.3:o:linux:linux_kernel:6.6.19
Linux » Linux Kernel » Version: 6.6.20

cpe:2.3:o:linux:linux_kernel:6.6.20
Linux » Linux Kernel » Version: 6.7.6

cpe:2.3:o:linux:linux_kernel:6.7.6
Linux » Linux Kernel » Version: 6.7.7

cpe:2.3:o:linux:linux_kernel:6.7.7
Linux » Linux Kernel » Version: 6.7.8

cpe:2.3:o:linux:linux_kernel:6.7.8
Linux » Linux Kernel » Version: 6.8

cpe:2.3:o:linux:linux_kernel:6.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-26800

Products

Pricing

Contact Us