CVE-2021-47131

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A use-after-free vulnerability has been resolved in the Linux kernel. The issue occurs when a netdev with active TLS offload goes down, and the TLS context is deallocated, but the socket still points to it. If the netdev goes up while the connection is still active, it can lead to a use-after-free of the TLS context. The commit addresses this bug by keeping the context alive until its normal destruction and implementing necessary fallbacks to resume the connection in software (non-offloaded) kTLS mode. On the TX side, tls sw fallback is used to encrypt all packets. The RX side already has the necessary fallbacks, and the new flag TLS RX DEV DEGRADED is added to indicate the fallback mode.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.