CVE-2024-58240
Description
In the Linux kernel, the following vulnerability has been resolved:
tls: separate no-async decryption request handling from async
If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result.
We should preferably also use a separate crypto_wait. I'm not seeing a UAF as I did in the past, I think aec7961916f3 ("tls: fix race between async notify and socket close") took care of it.
This will make the next fix easier.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A race condition in the Linux kernel's TLS subsystem due to improper handling of async and non-async decryption requests could lead to a use-after-free or other memory corruption.
Vulnerability
Overview
The vulnerability resides in the Linux kernel's TLS (Transport Layer Security) implementation. The issue stems from the mishandling of decryption request paths: asynchronous (async) and non-async requests were not properly separated. Specifically, the code did not use a dedicated crypto_wait structure for non-async requests, potentially leading to race conditions where completion handlers could be corrupted or misused [1].
Exploitation
Conditions
Exploitation requires the ability to trigger TLS decryption operations in the kernel, which typically involves network access to a system using TLS-enabled sockets. An attacker would need to send crafted network traffic that forces the kernel to handle decryption requests in a way that exposes the race condition. No special privileges beyond network connectivity are necessary, but the attack surface is limited to systems where TLS offloading or kernel TLS (kTLS) is in use.
Impact
A successful exploit could result in a use-after-free (UAF) condition, allowing an attacker to corrupt kernel memory. The description references a prior fix (aec7961916f3) that addressed a similar UAF scenario, indicating that this vulnerability could potentially be leveraged for privilege escalation or denial of service. The exact impact depends on kernel memory layout and exploitability.
Mitigation
Patches have been committed to the Linux kernel stable tree [2][3][4]. Users should apply the latest kernel updates from their distribution. The vulnerability affects any system using kernel TLS, including servers and devices like Siemens SIMATIC CN 4100 (all versions < V5.0) [1]. Administrators are advised to update to a fixed kernel version promptly.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Linux/Linuxv5Range: 4.13
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- git.kernel.org/stable/c/41532b785e9d79636b3815a64ddf6a096647d011nvdPatch
- git.kernel.org/stable/c/48905146d11dbf1ddbb2967319016a83976953f5nvdPatch
- git.kernel.org/stable/c/999115298017a675d8ddf61414fc7a85c89f1186nvdPatch
- git.kernel.org/stable/c/dec5b6e7b211e405d3bcb504562ab21aa7e5a64dnvdPatch
- lists.debian.org/debian-lts-announce/2025/10/msg00008.htmlnvdThird Party Advisory
- cert-portal.siemens.com/productcert/html/ssa-032379.htmlnvd
News mentions
1- Siemens SIMATICCISA ICS Advisories