)]}'
{
  "commit": "e0aeb6772ffabffa654fb3039d17167686a5d4b6",
  "tree": "e06e3f30e0af8636a7f0a8f38e7aedf0f6f1d6f5",
  "parents": [
    "eddc0fccc31df391bcbae8045bbee039ed084e8f"
  ],
  "author": {
    "name": "Muhammad Alifa Ramdhan",
    "email": "ramdhan@starlabs.sg",
    "time": "Fri Apr 03 09:36:17 2026 +0800"
  },
  "committer": {
    "name": "He Gao",
    "email": "hegao@google.com",
    "time": "Mon Apr 20 16:26:21 2026 -0700"
  },
  "message": "net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption\n\ncommit a9b8b18364fffce4c451e6f6fd218fa4ab646705 upstream.\n\nThe -EBUSY handling in tls_do_encryption(), introduced by commit\n859054147318 (\"net: tls: handle backlogging of crypto requests\"), has\na use-after-free due to double cleanup of encrypt_pending and the\nscatterlist entry.\n\nWhen crypto_aead_encrypt() returns -EBUSY, the request is enqueued to\nthe cryptd backlog and the async callback tls_encrypt_done() will be\ninvoked upon completion. That callback unconditionally restores the\nscatterlist entry (sge-\u003eoffset, sge-\u003elength) and decrements\nctx-\u003eencrypt_pending. However, if tls_encrypt_async_wait() returns an\nerror, the synchronous error path in tls_do_encryption() performs the\nsame cleanup again, double-decrementing encrypt_pending and\ndouble-restoring the scatterlist.\n\nThe double-decrement corrupts the encrypt_pending sentinel (initialized\nto 1), making tls_encrypt_async_wait() permanently skip the wait for\npending async callbacks. A subsequent sendmsg can then free the\ntls_rec via bpf_exec_tx_verdict() while a cryptd callback is still\npending, resulting in a use-after-free when the callback fires on the\nfreed record.\n\nFix this by skipping the synchronous cleanup when the -EBUSY async\nwait returns an error, since the callback has already handled\nencrypt_pending and sge restoration.\n\nBUG\u003db/504611877\nTEST\u003dpresubmit\nRELEASE_NOTE\u003dFixed KCTF-a9b8b18 in the Linux kernel.\n\ncos-patch: security-high\nFixes: 859054147318 (\"net: tls: handle backlogging of crypto requests\")\nChange-Id: Ic8493531c947da8564e5e37327b6de7a727d6be4\nSigned-off-by: Muhammad Alifa Ramdhan \u003cramdhan@starlabs.sg\u003e\nSigned-off-by: Paolo Abeni \u003cpabeni@redhat.com\u003e\nSigned-off-by: Greg Kroah-Hartman \u003cgregkh@linuxfoundation.org\u003e\nReviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/144923\nTested-by: Cusky Presubmit Bot \u003cpresubmit@cos-infra-prod.iam.gserviceaccount.com\u003e\nReviewed-by: Angel Adetula \u003cangeladetula@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "dc57b31a5fe5c0b2e8921cd05bff710a8abecad3",
      "old_mode": 33188,
      "old_path": "net/tls/tls_sw.c",
      "new_id": "d86a487065e925ee0098ee4299f9e6952fbada64",
      "new_mode": 33188,
      "new_path": "net/tls/tls_sw.c"
    }
  ]
}
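The commit message above describes a counting bug rather than a classic memory-safety slip: the encrypt_pending counter is a sentinel that starts at 1, the waiter's own decrement is what is supposed to bring it to zero, and one extra decrement on the -EBUSY error path leaves it off by one for the rest of the socket's life, so the next wait returns before the backlogged callback has run. The userspace model below is an added illustration written for this page; it is not net/tls code, not the patch, and the struct, the fire_callback(), async_wait(), do_encryption_ebusy() and scenario helpers, and the -5 error value are this model's own stand-ins for the kernel functions the message names. It runs the same two-sendmsg sequence the message describes, once with the second cleanup and once without, and reports the sentinel value and whether the late callback touched a freed record.

```c
/*
 * Userspace model of the encrypt_pending sentinel described in the commit
 * message. Illustrative code written for this page: not net/tls code and
 * not the patch. All names below are this model's own stand-ins.
 */
#include <stdbool.h>
#include <stdio.h>

struct model {
	int  encrypt_pending;   /* the sentinel: starts at 1, like ctx->encrypt_pending */
	int  callbacks_pending; /* model only: backlogged cryptd callbacks not yet fired */
	int  async_err;         /* error the callback reports back to the waiter */
	bool rec_live;          /* model only: whether the tls_rec is still allocated */
	bool uaf;               /* model only: a callback touched a freed record */
};

static void model_init(struct model *m)
{
	*m = (struct model){ .encrypt_pending = 1, .rec_live = true };
}

/* Stand-in for tls_encrypt_done(): always performs its cleanup (the sge
 * restore is not modelled) and decrements encrypt_pending. It touches the
 * record, so running after the record was freed is the use-after-free. */
static void fire_callback(struct model *m, int err)
{
	if (!m->rec_live)
		m->uaf = true;
	m->callbacks_pending--;
	m->async_err = err;
	m->encrypt_pending--;
}

/* Stand-in for tls_encrypt_async_wait(): drop the waiter's own count; only
 * if the counter is still non-zero is a callback outstanding, so wait for
 * it (here: let it fire). Then put the waiter's count back. */
static int async_wait(struct model *m, int cb_err)
{
	if (--m->encrypt_pending != 0) {
		while (m->callbacks_pending > 0)
			fire_callback(m, cb_err);
	}
	m->encrypt_pending++;
	return m->async_err;
}

/* Stand-in for the -EBUSY path of tls_do_encryption(): the request is
 * counted and backlogged, the wait runs, and on error the unfixed code
 * repeats the cleanup the callback already did. */
static int do_encryption_ebusy(struct model *m, bool fixed, int cb_err)
{
	m->encrypt_pending++;     /* one outstanding request */
	m->callbacks_pending++;   /* crypto returned -EBUSY: request backlogged */
	int rc = async_wait(m, cb_err);
	if (rc == 0 || fixed)
		return rc;            /* fixed: callback already decremented, nothing to undo */
	m->encrypt_pending--;     /* buggy: second decrement of the sentinel */
	return rc;
}

/* Sentinel value left behind after one failed -EBUSY send: 1 is healthy. */
static int sentinel_after_error(bool fixed)
{
	struct model m;
	model_init(&m);
	do_encryption_ebusy(&m, fixed, -5 /* model's choice of a non-zero error */);
	return m.encrypt_pending;
}

/* Failed -EBUSY send, then an ordinary async send whose record is freed
 * after the wait (as the message says bpf_exec_tx_verdict() would do).
 * Returns whether the late callback ran on the freed record. */
static bool later_send_hits_uaf(bool fixed)
{
	struct model m;
	model_init(&m);
	do_encryption_ebusy(&m, fixed, -5);

	m.encrypt_pending++;      /* second sendmsg: request in flight */
	m.callbacks_pending++;
	m.async_err = 0;
	async_wait(&m, 0);        /* a corrupted sentinel reaches zero here and skips the wait */
	m.rec_live = false;       /* record freed */
	while (m.callbacks_pending > 0)
		fire_callback(&m, 0); /* the cryptd callback finally fires */
	return m.uaf;
}

int main(void)
{
	printf("sentinel after error: buggy=%d fixed=%d\n",
	       sentinel_after_error(false), sentinel_after_error(true));
	printf("UAF on later send:    buggy=%d fixed=%d\n",
	       later_send_hits_uaf(false), later_send_hits_uaf(true));
	return 0;
}
```

The model makes the message's two claims visible side by side: with the duplicated cleanup the sentinel is left at 0 instead of 1 after the failed send, and on the very next send the wait returns early and the callback fires on a record that has already been released; with the cleanup skipped on the -EBUSY error path the sentinel stays at 1 and the callback always completes before the record is freed.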
