UBUNTU-CVE-2024-26585
Vulnerability Summary
Timeline
Description
In the Linux kernel, the following vulnerability has been resolved: tls: fix race between tx work scheduling and socket close Similarly to previous commit, the submitting thread (recvmsg/sendmsg) may exit as soon as the async crypto handler calls complete(). Reorder scheduling the work before calling complete(). This seems more logical in the first place, as it's the inverse order of what the submitting thread will do.
CVSS Metrics
- v3.1•MEDIUM•Score: 4.7CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Systems
- ubuntu•linux
< 5.4.0-190.210 | < 5.15.0-112.122
- ubuntu•linux-allwinner-5.19
all
- ubuntu•linux-aws
< 5.4.0-1129.139 | < 5.15.0-1063.69
- ubuntu•linux-aws-5.0
all
- ubuntu•linux-aws-5.11
all
- ubuntu•linux-aws-5.13
all
- ubuntu•linux-aws-5.15
< 5.15.0-1063.69~20.04.1
- ubuntu•linux-aws-5.19
all
- ubuntu•linux-aws-5.3
all
- ubuntu•linux-aws-5.4
< 5.4.0-1129.139~18.04.1
- ubuntu•linux-aws-5.8
all
- ubuntu•linux-aws-6.2
all
- ubuntu•linux-aws-6.5
all
- ubuntu•linux-aws-fips
< 5.4.0-1129.139+fips1 | all | < 5.15.0-1063.69+fips1
- ubuntu•linux-azure
all | < 5.4.0-1134.141 | < 5.15.0-1066.75
- ubuntu•linux-azure-5.11
all
- ubuntu•linux-azure-5.13
all
- ubuntu•linux-azure-5.15
< 5.15.0-1065.74~20.04.1
- ubuntu•linux-azure-5.19
all
- ubuntu•linux-azure-5.3
all
- ubuntu•linux-azure-5.4
< 5.4.0-1134.141~18.04.1
- ubuntu•linux-azure-5.8
all
- ubuntu•linux-azure-6.2
all
- ubuntu•linux-azure-6.5
< 6.5.0-1022.23~22.04.1
- ubuntu•linux-azure-edge
all
- ubuntu•linux-azure-fde
all | < 5.15.0-1067.76.1 | all
- ubuntu•linux-azure-fde-5.19
all
- ubuntu•linux-azure-fde-6.2
all
- ubuntu•linux-azure-fde-6.8
all
- ubuntu•linux-azure-fips
< 5.4.0-1134.141+fips1 | all | < 5.15.0-1065.74+fips1
- ubuntu•linux-bluefield
< 5.15.0-1044.46 | < 5.4.0-1089.96 | < 5.15.0-1044.46 | all
- ubuntu•linux-fips
< 5.4.0-1103.113 | all | < 5.15.0-111.121+fips1
- ubuntu•linux-gcp
all | < 5.4.0-1133.142 | < 5.15.0-1062.70
- ubuntu•linux-gcp-5.11
all
- ubuntu•linux-gcp-5.13
all
- ubuntu•linux-gcp-5.15
< 5.15.0-1062.70~20.04.1
- ubuntu•linux-gcp-5.19
all
- ubuntu•linux-gcp-5.3
all
- ubuntu•linux-gcp-5.4
< 5.4.0-1133.142~18.04.1
- ubuntu•linux-gcp-5.8
all
- ubuntu•linux-gcp-6.2
all
- ubuntu•linux-gcp-6.5
< 6.5.0-1022.24~22.04.1
- ubuntu•linux-gcp-fips
< 5.4.0-1133.142+fips1 | all | < 5.15.0-1062.70+fips1
- ubuntu•linux-gke
all | < 5.15.0-1060.66
- ubuntu•linux-gke-4.15
all
- ubuntu•linux-gke-5.15
all
- ubuntu•linux-gke-5.4
all
- ubuntu•linux-gkeop
< 5.4.0-1096.100 | < 5.15.0-1046.53
- ubuntu•linux-gkeop-5.15
< 5.15.0-1046.53~20.04.1
- ubuntu•linux-gkeop-5.4
all
Showing first 50 affected entries in server-rendered view.
References (26)
- https://ubuntu.com/security/CVE-2024-26585
- https://git.kernel.org/linus/e01e3934a1b2d122919f73bc6ddbe1cdafc4bbdb
- https://git.kernel.org/stable/c/e01e3934a1b2d122919f73bc6ddbe1cdafc4bbdb
- https://www.cve.org/CVERecord?id=CVE-2024-26585
- https://ubuntu.com/security/notices/USN-6818-1
- https://ubuntu.com/security/notices/USN-6819-1
- https://ubuntu.com/security/notices/USN-6820-1
- https://ubuntu.com/security/notices/USN-6821-1
- https://ubuntu.com/security/notices/USN-6818-2
- https://ubuntu.com/security/notices/USN-6821-2
- https://ubuntu.com/security/notices/USN-6828-1
- https://ubuntu.com/security/notices/USN-6820-2
- https://ubuntu.com/security/notices/USN-6821-3
- https://ubuntu.com/security/notices/USN-6819-2
- https://ubuntu.com/security/notices/USN-6819-3
- https://ubuntu.com/security/notices/USN-6818-3
- https://ubuntu.com/security/notices/USN-6821-4
- https://ubuntu.com/security/notices/USN-6818-4
- https://ubuntu.com/security/notices/USN-6819-4
- https://ubuntu.com/security/notices/USN-6871-1
- https://ubuntu.com/security/notices/USN-6892-1
- https://ubuntu.com/security/notices/USN-6919-1
- https://ubuntu.com/security/notices/USN-6924-1
- https://ubuntu.com/security/notices/USN-6924-2
- https://ubuntu.com/security/notices/USN-6953-1
- https://ubuntu.com/security/notices/USN-6979-1