CVE-2024-26584

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 21/02/2024
Last modified: 04/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

net: tls: handle backlogging of crypto requests

Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on our requests to the crypto API, crypto_aead_{encrypt,decrypt} can return -EBUSY instead of -EINPROGRESS in valid situations. For example, when the cryptd queue for AESNI is full (easy to trigger with an artificially low cryptd.cryptd_max_cpu_qlen), requests will be enqueued to the backlog but still processed. In that case, the async callback will also be called twice: first with err == -EINPROGRESS, which it seems we can just ignore, then with err == 0.

Compared to Sabrina's original patch this version uses the new tls_*crypt_async_wait() helpers and converts the EBUSY to EINPROGRESS to avoid having to modify all the error handling paths. The handling is identical.
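The double callback and the -EBUSY to -EINPROGRESS conversion described above, as a userspace C model added here (not kernel code and not part of the patch). All names are hypothetical, and the "unpatched" behaviour (a caller that treats any return other than -EINPROGRESS as a failure, and a callback that counts every invocation as a completion) is an assumption made for illustration.

```c
#include <errno.h>
#include <stdio.h>

/* Userspace model of the accounting described above; not kernel code.
 * All names (model_ctx, on_done, submit, run) are hypothetical. */
struct model_ctx { int pending; };

/* Completion callback. For a backlogged request the crypto layer calls it
 * twice: first with -EINPROGRESS, then with the final status (0). */
static void on_done(struct model_ctx *c, int err, int patched)
{
    if (patched && err == -EINPROGRESS)
        return;             /* "left the backlog" notice, not a completion */
    c->pending--;
}

/* Submit one async request. queue_full models a full cryptd queue, where a
 * MAY_BACKLOG request returns -EBUSY but is still processed. */
static int submit(struct model_ctx *c, int queue_full, int patched)
{
    int rc = queue_full ? -EBUSY : -EINPROGRESS;
    c->pending++;
    if (patched && rc == -EBUSY)
        rc = -EINPROGRESS;  /* handled like a normally queued request */
    if (rc != -EINPROGRESS)
        c->pending--;       /* assumed caller: treats rc as a hard failure */
    return rc;
}

/* Drive one request to completion and return the pending count afterwards.
 * 0 means the accounting balanced; negative means it was over-released. */
static int run(int queue_full, int patched)
{
    struct model_ctx c = {0};

    submit(&c, queue_full, patched);
    if (queue_full)
        on_done(&c, -EINPROGRESS, patched);  /* first callback */
    on_done(&c, 0, patched);                 /* final callback */
    return c.pending;
}

int main(void)
{
    printf("normal queue, unpatched: pending=%d\n", run(0, 0));
    printf("full queue,   unpatched: pending=%d\n", run(1, 0));
    printf("full queue,   patched:   pending=%d\n", run(1, 1));
    return 0;
}
```

In the model, only the full-queue case without the conversion leaves the counter unbalanced; with both changes the backlogged request is accounted for exactly once.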

Vulnerable products and versions

| CPE | From | Up to |
| --- | --- | --- |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.16.0 (including) | 6.1.84 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2.0 (including) | 6.6.18 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7.0 (including) | 6.7.6 (excluding) |