CVE-2025-40176

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 12/11/2025
Last modified: 12/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

tls: wait for pending async decryptions if tls_strp_msg_hold fails

Async decryption calls tls_strp_msg_hold to create a clone of the input skb to hold references to the memory it uses. If we fail to allocate that clone, proceeding with async decryption can lead to various issues (UAF on the skb, writing into userspace memory after the recv() call has returned).

In this case, wait for all pending decryption requests.

Impact