Thedude

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified) Description The Linux kernel contains a flaw related to the handling of asynchronous decryption within the TLS (Transport Layer Security) protocol. Specifically, the `async hold` queue, used to manage encrypted data packets (skbs), was not consistently cleared, leading to a memory leak. This issue occurred when `tls strp msg hold()` failed during processing, leaving packets pinned in the `async hold` queue. The fix centralizes the purging of this queue within the `tls decrypt async wait()` function, ensuring that all pending decryption operations are completed and associated memory is released. The vulnerability was addressed by moving the ` skb queue purge(&ctx->async hold)` operation into `tls decrypt async wait()` to ensure consistent release of held skbs across different call paths. Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.