This bug is awaiting verification that the linux-azure- fips/6.8.0-1042.48+fips1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-noble-linux-azure-fips' to 'verification-done-noble-linux-azure-fips'. If the problem still exists, change the tag 'verification-needed-noble-linux-azure-fips' to 'verification-failed-noble-linux-azure-fips'.
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: kernel-spammed-noble-linux-azure-fips-v2 verification-needed-noble-linux-azure-fips -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2120516 Title: TLS socket disconnection causes various issues Status in linux package in Ubuntu: Fix Released Status in linux source package in Noble: Fix Released Bug description: BugLink: https://bugs.launchpad.net/bugs/2120516 [Impact] Disconnect a kernel TLS socket causes various unexpected issues. [Fix] This has been fixed by upstream: commit 5071a1e606b30c0c11278d3c6620cd6a24724cf6 Author: Jakub Kicinski <[email protected]> Date: Fri Apr 4 11:03:33 2025 -0700 net: tls: explicitly disallow disconnect syzbot discovered that it can disconnect a TLS socket and then run into all sort of unexpected corner cases. I have a vague recollection of Eric pointing this out to us a long time ago. Supporting disconnect is really hard, for one thing if offload is enabled we'd need to wait for all packets to be _acked_. Disconnect is not commonly used, disallow it. It's also CVE 2025-37756 and has been SRU to 5.15 jammy kernel. 6.14 Pluky kernel also has this commit. [Test Plan] Use ktls_test tool to verify the basic kernel tls function https://github.com/insanum/ktls_test.git [Where problems could occur] This commit only adds disconnect function and return not support directly, shouldn't have any regression. If there is something wrong, it's in the disconnect stage, the impact should be minor. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2120516/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
