[Kernel-packages] [Bug 2120516] Re: TLS socket disconnection causes various issues

Sat, 18 Oct 2025 12:17:30 -0700 

This bug was fixed in the package linux - 6.8.0-85.85

---------------
linux (6.8.0-85.85) noble; urgency=medium

  * noble/linux: 6.8.0-85.85 -proposed tracker (LP: #2125109)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log

  * CVE-2025-38500
    - xfrm: interface: fix use-after-free after changing collect_md xfrm
      interface

  * TLS socket disconnection causes various issues (LP: #2120516) //
    CVE-2025-37756
    - net: tls: explicitly disallow disconnect

  * CVE-2025-38477
    - net/sched: sch_qfq: Fix race condition on qfq_aggregate
    - net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in
      qfq_delete_class

  * CVE-2025-38618
    - vsock: Do not allow binding to VMADDR_PORT_ANY

  * CVE-2025-38617
    - net/packet: fix a race in packet_set_ring() and packet_notifier()

  * CVE-2025-37785
    - ext4: fix OOB read when checking dotdot dir

 -- Manuel Diewald <[email protected]>  Thu, 18 Sep 2025
14:48:00 +0200

** Changed in: linux (Ubuntu Noble)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.org/CVERecord?id=CVE-2025-37756

** CVE added: https://cve.org/CVERecord?id=CVE-2025-37785

** CVE added: https://cve.org/CVERecord?id=CVE-2025-38477

** CVE added: https://cve.org/CVERecord?id=CVE-2025-38500

** CVE added: https://cve.org/CVERecord?id=CVE-2025-38617

** CVE added: https://cve.org/CVERecord?id=CVE-2025-38618

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2120516

Title:
  TLS socket disconnection causes various issues

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Noble:
  Fix Released

Bug description:
  BugLink: https://bugs.launchpad.net/bugs/2120516

  [Impact]

  Disconnect a kernel TLS socket causes various unexpected issues.

  [Fix]

  This has been fixed by upstream:

  commit 5071a1e606b30c0c11278d3c6620cd6a24724cf6
  Author: Jakub Kicinski <[email protected]>
  Date:   Fri Apr 4 11:03:33 2025 -0700

      net: tls: explicitly disallow disconnect

      syzbot discovered that it can disconnect a TLS socket and then
      run into all sort of unexpected corner cases. I have a vague
      recollection of Eric pointing this out to us a long time ago.
      Supporting disconnect is really hard, for one thing if offload
      is enabled we'd need to wait for all packets to be _acked_.
      Disconnect is not commonly used, disallow it.

  It's also CVE 2025-37756 and has been SRU to 5.15 jammy kernel.
  6.14 Pluky kernel also has this commit. 

  [Test Plan]

  Use ktls_test tool to verify the basic kernel tls function
  https://github.com/insanum/ktls_test.git

  [Where problems could occur]

  This commit only adds disconnect function and return not support directly, 
shouldn't have any regression.
  If there is something wrong, it's in the disconnect stage, the impact should 
be minor.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2120516/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to