CVE-2024-35908

Published: May 19, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: tls: get psock ref after taking rxlock to avoid leak At the start of tls_sw_recvmsg, we take a reference on the psock, and then call tls_rx_reader_lock. If that fails, we return directly without releasing the reference. Instead of adding a new label, just take the reference after locking has succeeded, since we don't need it before.

Vendor	Product	Versions
Linux	Linux	affected `4cbc325ed6b4dce4910be06d9d6940a8b919c59b - < 30fabe50a7ace3e9d57cf7f9288f33ea408491c8` affected `4cbc325ed6b4dce4910be06d9d6940a8b919c59b - < f1b7f14130d782433bc98c1e1e41ce6b4d4c3096` affected `4cbc325ed6b4dce4910be06d9d6940a8b919c59b - < b565d294e3d5aa809566a4d819835da11997d8b3` affected `4cbc325ed6b4dce4910be06d9d6940a8b919c59b - < 417e91e856099e9b8a42a2520e2255e6afe024be`
Linux	Linux	affected `6.0` unaffected `0 - < 6.0` unaffected `6.1.85 - <= 6.1.` unaffected `6.6.26 - <= 6.6.` unaffected `6.8.5 - <= 6.8.*` +1 more versions

References

https://git.kernel.org/stable/c/30fabe50a7ace3e9d57cf7f9288f33ea408491c8

https://git.kernel.org/stable/c/f1b7f14130d782433bc98c1e1e41ce6b4d4c3096

https://git.kernel.org/stable/c/b565d294e3d5aa809566a4d819835da11997d8b3

https://git.kernel.org/stable/c/417e91e856099e9b8a42a2520e2255e6afe024be

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-35908

Description

Affected Products

References