Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*
A vulnerability in the Linux kernel's TLS implementation has been addressed. The issue arose in the handling of zero-length records in the receive message (recvmsg) path. Each recvmsg call must handle either a series of contiguous data records or a single non-data record; if the record type changes during processing, the loop exits prematurely. In TLS 1.3, the record type is not known until after decryption, so already-decrypted records are queued for the next recvmsg call. Zero-length records from the rx_list are a special case: they cannot be queued after zero-copy decryption, because zero-copy decryption sends data directly to user space and leaves no associated socket buffer to hold the metadata. This vulnerability could lead to improper record type handling, particularly when zero-length records are involved.
This vulnerability could cause incorrect processing of TLS records, potentially leading to protocol errors or data corruption.
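The record-type rule described above, modelled in user space as an added example (it is not kernel code and not the fix): inner_type recovers a TLS 1.3 record's content type after decryption as RFC 8446 section 5.4 defines it, and recv_batch, a hypothetical helper, applies the rule that one call takes a run of data records or a single non-data record. The sample plaintexts are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CT_ALERT   21
#define CT_APPDATA 23

/* TLSInnerPlaintext = content || type || zero padding (RFC 8446, 5.4).
 * Returns the content type and stores the content length, which may be 0.
 * Returns -1 when every byte is zero: no type byte, record must be rejected. */
int inner_type(const uint8_t *pt, size_t len, size_t *content_len)
{
    while (len > 0 && pt[len - 1] == 0)
        len--;                       /* strip padding */
    if (len == 0)
        return -1;
    *content_len = len - 1;
    return pt[len - 1];
}

struct rec { const uint8_t *pt; size_t len; };   /* one decrypted record */

/* Simplified model: consume a run of data records or one non-data record.
 * Returns records consumed (-1 if malformed); a record whose type differs
 * from the first is left for the next call. A zero-length record adds no
 * bytes, but its type still has to be tracked. */
int recv_batch(const struct rec *q, size_t n, int *type, size_t *bytes)
{
    size_t i, clen;
    *type = -1; *bytes = 0;
    for (i = 0; i < n; i++) {
        int t = inner_type(q[i].pt, q[i].len, &clen);
        if (t < 0) return -1;
        if (i == 0) *type = t;
        else if (t != *type) break;            /* type changed */
        *bytes += clen;
        if (t != CT_APPDATA) { i++; break; }   /* single non-data record */
    }
    return (int)i;
}

int main(void)
{
    /* Constructed plaintexts: data, zero-length data with padding, alert */
    static const uint8_t d[] = {'h', 'i', CT_APPDATA};
    static const uint8_t z[] = {CT_APPDATA, 0, 0}, a[] = {1, 0, CT_ALERT};
    struct rec q[] = {{d, sizeof d}, {z, sizeof z}, {a, sizeof a}};
    int type; size_t bytes;
    int n = recv_batch(q, 3, &type, &bytes);
    printf("consumed=%d type=%d bytes=%zu\n", n, type, bytes);
    return 0;
}
```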
The vulnerability can be reproduced by sending zero-length TLS records that are processed by the recvmsg function. This can be done by manipulating the TLS record layer to include zero-length records, particularly in a TLS 1.3 context where record types are not known until after decryption. The zero-length records can be queued in the rx_list, and when the recvmsg function processes them, the vulnerability will manifest as improper handling of the record types.
Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the official Linux kernel website.