{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T20:09:59.558","vulnerabilities":[{"cve":{"id":"CVE-2024-26584","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-02-21T15:15:09.420","lastModified":"2025-11-04T19:17:01.737","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tls: handle backlogging of crypto requests\n\nSince we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our\nrequests to the crypto API, crypto_aead_{encrypt,decrypt} can return\n -EBUSY instead of -EINPROGRESS in valid situations. For example, when\nthe cryptd queue for AESNI is full (easy to trigger with an\nartificially low cryptd.cryptd_max_cpu_qlen), requests will be enqueued\nto the backlog but still processed. In that case, the async callback\nwill also be called twice: first with err == -EINPROGRESS, which it\nseems we can just ignore, then with err == 0.\n\nCompared to Sabrina's original patch this version uses the new\ntls_*crypt_async_wait() helpers and converts the EBUSY to\nEINPROGRESS to avoid having to modify all the error handling\npaths. The handling is identical."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: tls: manejar el retraso de solicitudes criptográficas Dado que estamos configurando el indicador CRYPTO_TFM_REQ_MAY_BACKLOG en nuestras solicitudes a la API criptográfica, crypto_aead_{encrypt,decrypt} puede devolver -EBUSY en lugar de - EINPROGRESS en situaciones válidas. Por ejemplo, cuando la cola cryptd para AESNI está llena (fácil de activar con un cryptd.cryptd_max_cpu_qlen artificialmente bajo), las solicitudes se pondrán en cola en el trabajo pendiente, pero aún así se procesarán. En ese caso, la devolución de llamada asíncrona también se llamará dos veces: primero con err == -EINPROGRESS, que parece que podemos ignorar, luego con err == 0. En comparación con el parche original de Sabrina, esta versión usa el nuevo tls_*crypt_async_wait( ) ayuda y convierte EBUSY a EINPROGRESS para evitar tener que modificar todas las rutas de manejo de errores. El manejo es idéntico."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-755"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.16.0","versionEndExcluding":"6.1.84","matchCriteriaId":"6F1F2625-29D5-4FED-B7F5-6087227ABCB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0","versionEndExcluding":"6.6.18","matchCriteriaId":"A5CC150E-F35C-4CF7-ADF5-422D32C511C2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7.0","versionEndExcluding":"6.7.6","matchCriteriaId":"0C8D1FAD-4D5D-4A25-B058-2AD15082710E"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/13eca403876bbea3716e82cdfe6f1e6febb38754","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3ade391adc584f17b5570fd205de3ad029090368","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/8590541473188741055d27b955db0777569438e3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ab6397f072e5097f267abf5cb08a8004e6b17694","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cd1bbca03f3c1d845ce274c0d0a66de8e5929f72","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/13eca403876bbea3716e82cdfe6f1e6febb38754","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3ade391adc584f17b5570fd205de3ad029090368","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://git.kernel.org/stable/c/8590541473188741055d27b955db0777569438e3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ab6397f072e5097f267abf5cb08a8004e6b17694","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cd1bbca03f3c1d845ce274c0d0a66de8e5929f72","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZOU3745CWCDZ7EMKMXB2OEEIB5Q3IWM/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}