CVE-2024-58240

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> tls: separate no-async decryption request handling from async<br /> <br /> If we&amp;#39;re not doing async, the handling is much simpler. There&amp;#39;s no<br /> reference counting, we just need to wait for the completion to wake us<br /> up and return its result.<br /> <br /> We should preferably also use a separate crypto_wait. I&amp;#39;m not seeing a<br /> UAF as I did in the past, I think aec7961916f3 ("tls: fix race between<br /> async notify and socket close") took care of it.<br /> <br /> This will make the next fix easier.