PT-2026-29721 · Linux · Linux Kernel

Thedude · Published 2026-04-02 · Updated 2026-04-26 · CVE-2026-23414

CVSS v3.1: 7.5 High
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)

Description
The Linux kernel contains a flaw related to the handling of asynchronous decryption within the TLS (Transport Layer Security) protocol. Specifically, the async_hold queue, used to manage encrypted data packets (skbs), was not consistently cleared, leading to a memory leak. This issue occurred when tls_strp_msg_hold() failed during processing, leaving packets pinned in the async_hold queue. The fix centralizes the purging of this queue within the tls_decrypt_async_wait() function, ensuring that all pending decryption operations are completed and associated memory is released. The vulnerability was addressed by moving the __skb_queue_purge(&ctx->async_hold) operation into tls_decrypt_async_wait() to ensure consistent release of held skbs across different call paths.

Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
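
The leak pattern from the description, as a simplified userspace C model added here (not kernel code and not the upstream patch). hold(), purge(), async_wait() and recv_records() are hypothetical stand-ins for tls_strp_msg_hold(), the async_hold purge, tls_decrypt_async_wait() and one receive call path; the caller's control flow is an assumption.

```c
/* Simplified userspace model (constructed, not kernel code): buf ~ skb, rx_ctx ~ TLS rx context. */
#include <stdio.h>
#include <stdlib.h>

struct buf { struct buf *next; };
struct rx_ctx { struct buf *async_hold; int pending; };
static int live_bufs; /* buffers currently allocated, used to observe the leak */
/* Models the hold step: pin one buffer on async_hold, or fail. */
static int hold(struct rx_ctx *c, int fail) {
    struct buf *b = fail ? NULL : malloc(sizeof(*b));
    if (!b) return -1;
    b->next = c->async_hold;
    c->async_hold = b;
    c->pending++;
    live_bufs++;
    return 0;
}
static void purge(struct rx_ctx *c) {
    for (struct buf *b; (b = c->async_hold); live_bufs--) {
        c->async_hold = b->next;
        free(b);
    }
}
/* Wait for in-flight operations; the centralized form also purges. */
static void async_wait(struct rx_ctx *c, int centralized) {
    c->pending = 0; /* every operation has completed */
    if (centralized) purge(c);
}
/* Assumed caller shape: without centralization only the success path purges. */
static int recv_records(struct rx_ctx *c, int n, int fail_at, int centralized) {
    for (int i = 0; i < n; i++)
        if (hold(c, i == fail_at) < 0) { async_wait(c, centralized); return -1; }
    async_wait(c, centralized);
    if (!centralized) purge(c);
    return 0;
}
/* Buffers still pinned after one run of the receive path. */
int pinned_after(int n, int fail_at, int centralized) {
    struct rx_ctx c = {0};
    live_bufs = 0;
    recv_records(&c, n, fail_at, centralized);
    int pinned = live_bufs;
    purge(&c); /* release the model's own memory */
    return pinned;
}
int main(void) {
    printf("pinned: caller-side=%d centralized=%d\n", pinned_after(4, 2, 0), pinned_after(4, 2, 1));
    return 0;
}
```

With the purge left to callers, the failing path leaves the two already-held buffers pinned; with the purge inside the wait function, every path that waits also releases them.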

Memory Leak

Weakness Enumeration

Related Identifiers

CVE-2026-23414
ECHO-091E-F673-A6D7
OESA-2026-1862
OESA-2026-1863
OESA-2026-1864
OPENSUSE-SU-2026:20572-1
SUSE-SU-2026:1573-1
SUSE-SU-2026:21114-1
SUSE-SU-2026:21123-1
SUSE-SU-2026:21237-1
SUSE-SU-2026:21255-1

Affected Products

Linux Kernel