Public bug reported:

BugLink: https://bugs.launchpad.net/bugs/2120516

[Impact]

Disconnecting a kernel TLS socket causes various unexpected issues.

[Fix]

This has been fixed by upstream:

commit 5071a1e606b30c0c11278d3c6620cd6a24724cf6
Author: Jakub Kicinski <[email protected]>
Date:   Fri Apr 4 11:03:33 2025 -0700

    net: tls: explicitly disallow disconnect

    syzbot discovered that it can disconnect a TLS socket and then
    run into all sorts of unexpected corner cases. I have a vague
    recollection of Eric pointing this out to us a long time ago.
    Supporting disconnect is really hard, for one thing if offload
    is enabled we'd need to wait for all packets to be _acked_.
    Disconnect is not commonly used, disallow it.

It's also CVE-2025-37756 and has been SRU'd to the 5.15 jammy kernel.

[Test Plan]

Use the ktls_test tool to verify basic kernel TLS functionality:
https://github.com/insanum/ktls_test.git

[Where problems could occur]

This commit only adds a disconnect function that directly returns "not
supported", so it shouldn't cause any regressions.
If something does go wrong, it will be in the disconnect stage, and the impact
should be minor.

** Affects: linux (Ubuntu)
     Importance: Undecided
     Assignee: gerald.yang (gerald-yang-tw)
         Status: In Progress

** Affects: linux (Ubuntu Noble)
     Importance: Undecided
     Assignee: gerald.yang (gerald-yang-tw)
         Status: In Progress

** Description changed:

- BugLink: https://bugs.launchpad.net/bugs/
+ BugLink: https://bugs.launchpad.net/bugs/2120516
  
  [Impact]
  
  Disconnect a kernel TLS socket causes various unexpected issues.
- 
  
  [Fix]
  This has been fixed by upstream:
  
  commit 5071a1e606b30c0c11278d3c6620cd6a24724cf6
  Author: Jakub Kicinski <[email protected]>
  Date:   Fri Apr 4 11:03:33 2025 -0700
  
-     net: tls: explicitly disallow disconnect
-     
-     syzbot discovered that it can disconnect a TLS socket and then
-     run into all sort of unexpected corner cases. I have a vague
-     recollection of Eric pointing this out to us a long time ago.
-     Supporting disconnect is really hard, for one thing if offload
-     is enabled we'd need to wait for all packets to be _acked_.
-     Disconnect is not commonly used, disallow it.
+     net: tls: explicitly disallow disconnect
+ 
+     syzbot discovered that it can disconnect a TLS socket and then
+     run into all sort of unexpected corner cases. I have a vague
+     recollection of Eric pointing this out to us a long time ago.
+     Supporting disconnect is really hard, for one thing if offload
+     is enabled we'd need to wait for all packets to be _acked_.
+     Disconnect is not commonly used, disallow it.
  
  It's also CVE 2025-37756 and has been SRU to 5.15 jammy kernel.
- 
  
  [Test Plan]
  
  Use ktls_test tool to verify the basic kernel tls function
  https://github.com/insanum/ktls_test.git
  
- 
  [Where problems could occur]
  
  This commit only adds disconnect function and return not support directly, 
shouldn't have any regression.
  If there is something wrong, it's in the disconnect stage, the impact should 
be minor.

** Description changed:

  BugLink: https://bugs.launchpad.net/bugs/2120516
  
  [Impact]
  
  Disconnect a kernel TLS socket causes various unexpected issues.
  
  [Fix]
+ 
  This has been fixed by upstream:
  
  commit 5071a1e606b30c0c11278d3c6620cd6a24724cf6
  Author: Jakub Kicinski <[email protected]>
  Date:   Fri Apr 4 11:03:33 2025 -0700
  
      net: tls: explicitly disallow disconnect
  
      syzbot discovered that it can disconnect a TLS socket and then
      run into all sort of unexpected corner cases. I have a vague
      recollection of Eric pointing this out to us a long time ago.
      Supporting disconnect is really hard, for one thing if offload
      is enabled we'd need to wait for all packets to be _acked_.
      Disconnect is not commonly used, disallow it.
  
  It's also CVE 2025-37756 and has been SRU to 5.15 jammy kernel.
  
  [Test Plan]
  
  Use ktls_test tool to verify the basic kernel tls function
  https://github.com/insanum/ktls_test.git
  
  [Where problems could occur]
  
  This commit only adds disconnect function and return not support directly, 
shouldn't have any regression.
  If there is something wrong, it's in the disconnect stage, the impact should 
be minor.

** Changed in: linux (Ubuntu)
       Status: New => In Progress

** Changed in: linux (Ubuntu)
     Assignee: (unassigned) => gerald.yang (gerald-yang-tw)

** Also affects: linux (Ubuntu Noble)
   Importance: Undecided
       Status: New

** Changed in: linux (Ubuntu Noble)
       Status: New => In Progress

** Changed in: linux (Ubuntu Noble)
     Assignee: (unassigned) => gerald.yang (gerald-yang-tw)

Title:
  Explicitly disallow disconnect

Status in linux package in Ubuntu:
  In Progress
Status in linux source package in Noble:
  In Progress
