Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's TLS implementation can lead to tasks hanging indefinitely on the transmission lock. This issue arises because an adversarial receiver may keep the receive window at zero for an extended period, preventing forward progress. As a result, a thread that acquires the transmission lock and then goes to sleep may not release the lock for hours. The vulnerability affects the Linux kernel stable tree.
The vulnerability can cause tasks to hang indefinitely, leading to potential deadlocks in the TLS transmission process.
The vulnerability can be reproduced by simulating a scenario where the receive window is kept at zero for a prolonged period. This can be done by using a network condition that mimics this behavior, causing a thread to acquire the transmission lock and then sleep, without releasing the lock for an extended time.
The vulnerability has been addressed in the Linux kernel. Users can upgrade to the latest version of the stable kernel to apply the fix.
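A way to spot the hang described above on a running system, added here as an example and not taken from the advisory or the kernel project: scan kernel log text for hung task detector reports whose call trace passes through TLS code. It assumes the hung task detector is enabled and that the blocked waiters sleep uninterruptibly; the sample log, the `tls_` prefix heuristic and the function name `find_tls_hung_tasks` are constructed for illustration.

```python
import re

# Header line printed by the kernel hung task detector.
HUNG_RE = re.compile(
    r"INFO: task (?P<comm>.+):(?P<pid>\d+) blocked for more than (?P<secs>\d+) seconds")
# Call trace frame, e.g. " tls_sw_sendmsg+0x52/0x80 [tls]".
FRAME_RE = re.compile(r"(?P<sym>[A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")

# Constructed sample (not captured from a real system).
SAMPLE = """\
[ 7261.104211] INFO: task worker:4312 blocked for more than 120 seconds.
[ 7261.104219]       Not tainted 6.1.0-example #1
[ 7261.104230] Call Trace:
[ 7261.104233]  __schedule+0x2f1/0x8a0
[ 7261.104237]  schedule+0x5a/0xd0
[ 7261.104240]  __mutex_lock.constprop.0+0x3a1/0x6f0
[ 7261.104244]  tls_sw_sendmsg+0x52/0x80 [tls]
[ 7261.104249]  sock_sendmsg+0x5e/0x70
[ 7261.104301] INFO: task jbd2/sda1-8:311 blocked for more than 120 seconds.
[ 7261.104305] Call Trace:
[ 7261.104309]  __schedule+0x2f1/0x8a0
[ 7261.104312]  jbd2_journal_commit_transaction+0x1a3/0x1b20
"""

def find_tls_hung_tasks(lines, prefix="tls_"):
    """Return hung task reports whose call trace has a frame starting with prefix."""
    reports, current = [], None
    for line in lines:
        header = HUNG_RE.search(line)
        if header:
            # A new report starts; following frames belong to it.
            current = {"comm": header["comm"], "pid": int(header["pid"]),
                       "secs": int(header["secs"]), "frames": []}
            reports.append(current)
            continue
        frame = FRAME_RE.search(line)
        if current is not None and frame:
            current["frames"].append(frame["sym"])
    # Keep only reports that were blocked somewhere inside TLS code.
    return [r for r in reports if any(s.startswith(prefix) for s in r["frames"])]

if __name__ == "__main__":
    for r in find_tls_hung_tasks(SAMPLE.splitlines()):
        print(f"{r['comm']} (pid {r['pid']}) blocked > {r['secs']}s in TLS path")
```

On a live host the same function can be fed the lines of `dmesg` or the kernel journal instead of `SAMPLE`.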