Public bug reported:

BugLink: https://bugs.launchpad.net/bugs/2120516

[Impact]
Disconnecting a kernel TLS socket causes various unexpected issues.

[Fix]
This has been fixed upstream:

commit 5071a1e606b30c0c11278d3c6620cd6a24724cf6
Author: Jakub Kicinski <[email protected]>
Date: Fri Apr 4 11:03:33 2025 -0700

    net: tls: explicitly disallow disconnect

    syzbot discovered that it can disconnect a TLS socket and then
    run into all sort of unexpected corner cases. I have a vague
    recollection of Eric pointing this out to us a long time ago.
    Supporting disconnect is really hard, for one thing if offload
    is enabled we'd need to wait for all packets to be _acked_.
    Disconnect is not commonly used, disallow it.

It's also CVE-2025-37756 and has been SRU'd to the 5.15 jammy kernel.

[Test Plan]
Use the ktls_test tool to verify the basic kernel TLS function:
https://github.com/insanum/ktls_test.git

[Where problems could occur]
This commit only adds a disconnect function that directly returns "not supported", so it shouldn't cause any regression.
If there is something wrong, it's in the disconnect stage, and the impact should be minor.

** Affects: linux (Ubuntu)
     Importance: Undecided
     Assignee: gerald.yang (gerald-yang-tw)
         Status: In Progress

** Affects: linux (Ubuntu Noble)
     Importance: Undecided
     Assignee: gerald.yang (gerald-yang-tw)
         Status: In Progress
** Changed in: linux (Ubuntu)
       Status: New => In Progress

** Changed in: linux (Ubuntu)
     Assignee: (unassigned) => gerald.yang (gerald-yang-tw)

** Also affects: linux (Ubuntu Noble)
   Importance: Undecided
       Status: New

** Changed in: linux (Ubuntu Noble)
       Status: New => In Progress

** Changed in: linux (Ubuntu Noble)
     Assignee: (unassigned) => gerald.yang (gerald-yang-tw)

https://bugs.launchpad.net/bugs/2120516

Title:
  Explicitly disallow disconnect
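A check that the running kernel carries the fix described in this report, as an added example (not part of the bug report, the upstream commit, or ktls_test). It assumes that the "not supported" return surfaces to userspace as EOPNOTSUPP and that attaching the "tls" ULP to an established loopback socket is enough to select the TLS disconnect handler; the function name is hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <sys/socket.h>

#ifndef TCP_ULP
#define TCP_ULP 31  /* value from linux/tcp.h, for older libc headers */
#endif

/* Returns 1 if disconnect on a kTLS socket is refused with EOPNOTSUPP
 * (assumed behaviour of the fix), 0 if it succeeds or fails differently,
 * -1 if the check could not run (no loopback TCP or no "tls" ULP). */
int ktls_disconnect_refused(void)
{
    struct sockaddr_in addr = { .sin_family = AF_INET };
    struct sockaddr unspec = { .sa_family = AF_UNSPEC };
    socklen_t len = sizeof(addr);
    int cli = -1, result = -1;
    int lsn = socket(AF_INET, SOCK_STREAM, 0);

    if (lsn < 0)
        return -1;
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);  /* port 0: kernel picks */
    if (bind(lsn, (struct sockaddr *)&addr, sizeof(addr)) < 0 ||
        listen(lsn, 1) < 0 ||
        getsockname(lsn, (struct sockaddr *)&addr, &len) < 0)
        goto out;
    /* The TLS ULP can only be attached to an established TCP socket. */
    cli = socket(AF_INET, SOCK_STREAM, 0);
    if (cli < 0 || connect(cli, (struct sockaddr *)&addr, sizeof(addr)) < 0)
        goto out;
    if (setsockopt(cli, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")) < 0)
        goto out;  /* tls module missing or not permitted */
    /* connect() with AF_UNSPEC is how userspace requests a TCP disconnect. */
    result = (connect(cli, &unspec, sizeof(unspec)) < 0 &&
              errno == EOPNOTSUPP) ? 1 : 0;
out:
    if (cli >= 0)
        close(cli);
    close(lsn);
    return result;
}

int main(void)
{
    int r = ktls_disconnect_refused();
    puts(r == 1 ? "disconnect refused: fix present" :
         r == 0 ? "disconnect not refused: fix absent" : "kTLS unavailable");
    return r == 1 ? 0 : 1;
}
```

Run it on the kernel under test alongside ktls_test: the exit status is 0 only when the disconnect is refused.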
