Linux kernel
cpe:2.3:a:linux:linux_kernel:*:*:*:*:*:*:*, +4 more
A use-after-free vulnerability has been identified in the Linux kernel's TLS implementation (net/tls), in the error handling of the encryption path. It affects Linux kernel versions prior to the latest stable release. The defect is a double cleanup of the encryption-pending state and of the scatterlist entry when the encryption function returns a busy error: the asynchronous completion callback performs the cleanup, and the synchronous error path performs it again. As a result a TLS record can be freed while an asynchronous encryption callback is still pending, leading to a use-after-free.
Exploitation triggers a use-after-free, in which already freed memory is accessed; this can cause kernel memory corruption and potentially arbitrary code execution.
To reproduce this vulnerability, initiate a TLS encryption process and simulate a busy error response from the encryption function. This can be done by manipulating the encryption request to return a busy status, which enqueues the request on the cryptographic backlog. Once the asynchronous callback runs, it restores the scatterlist entry and decrements the encryption-pending count. However, if an error is introduced at this stage, the synchronous error handling performs the same cleanup again, so the pending count is decremented twice. With the encryption-pending state corrupted in this way, sending a message that frees the TLS record through a BPF verdict while the cryptographic callback is still in flight results in a use-after-free.
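The following is an added, deliberately simplified model of the bug class described above; it is not the kernel's net/tls code, and every name in it (tls_ctx_model, tls_rec_model, do_encryption, encrypt_done, try_free_record) is this example's own. The crypto backend is simulated by passing in the status it would return. The model shows why, once a request has been queued asynchronously, exactly one path may own the cleanup: in the buggy variant the busy status is treated like a synchronous error, the pending count is decremented twice, the count reaches zero while a callback is still outstanding, the free path is allowed to proceed, and the callback then runs against a freed record. The corrected variant in this model hands cleanup to the callback and does nothing in the synchronous path; that is the ownership rule being illustrated, not necessarily the exact shape of the upstream patch.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define PREPEND_SIZE 5          /* header bytes reserved in front of the payload */

enum { RC_OK = 0, RC_EBUSY = -16, RC_EINPROGRESS = -115 };   /* simulated backend status */

struct sg_entry_model { int offset; int length; };

struct tls_ctx_model { int encrypt_pending; };   /* requests the backend still owns */

struct tls_rec_model {
    struct sg_entry_model sge;
    bool freed;                 /* set by the free path; stands in for kfree() */
};

/* Deferred completion: the backend calls this when a queued request finishes.
 * It restores the scatterlist entry and drops the pending reference.
 * Returns true if it ran against an already freed record (the use-after-free). */
static bool encrypt_done(struct tls_ctx_model *ctx, struct tls_rec_model *rec)
{
    bool touched_freed = rec->freed;
    rec->sge.offset -= PREPEND_SIZE;
    rec->sge.length += PREPEND_SIZE;
    ctx->encrypt_pending--;
    return touched_freed;
}

/* Synchronous submit path. Returns true if the callback is still going to run. */
static bool do_encryption(struct tls_ctx_model *ctx, struct tls_rec_model *rec,
                          int backend_rc, bool fixed)
{
    rec->sge.offset += PREPEND_SIZE;        /* make room for the record header */
    rec->sge.length -= PREPEND_SIZE;
    ctx->encrypt_pending++;                 /* take the pending reference */

    if (backend_rc == RC_EINPROGRESS)
        return true;                        /* callback owns the cleanup */

    if (backend_rc == RC_EBUSY) {
        /* Request was queued on the backlog: the callback WILL run later. */
        if (fixed)
            return true;                    /* corrected: cleanup belongs to the callback */
        /* Buggy: busy is handled like a synchronous error, so the same undo
         * happens here too (double restore, double decrement). */
        rec->sge.offset -= PREPEND_SIZE;
        rec->sge.length += PREPEND_SIZE;
        ctx->encrypt_pending--;
        return true;
    }

    /* RC_OK or a genuine synchronous error: no callback, clean up here. */
    rec->sge.offset -= PREPEND_SIZE;
    rec->sge.length += PREPEND_SIZE;
    ctx->encrypt_pending--;
    return false;
}

/* Free path (the verdict-driven free in the advisory): only allowed when
 * nothing is in flight. Returns true if the record was freed. */
static bool try_free_record(struct tls_ctx_model *ctx, struct tls_rec_model *rec)
{
    if (ctx->encrypt_pending > 0)
        return false;
    rec->freed = true;
    return true;
}

struct scenario_result {
    int pending_after_submit;
    bool freed_before_callback;         /* record released while callback outstanding */
    bool callback_hit_freed_record;     /* the use-after-free */
    int pending_after_callback;
    int offset_after_callback;
    bool freed_after_callback;          /* the legitimate free once in-flight count is 0 */
};

/* One busy round trip: submit, attempt a free, fire the callback, free again. */
static struct scenario_result run_ebusy_scenario(bool fixed)
{
    struct tls_ctx_model ctx = { .encrypt_pending = 0 };
    struct tls_rec_model rec = { .sge = { .offset = 0, .length = 100 }, .freed = false };
    struct scenario_result r;
    memset(&r, 0, sizeof(r));

    bool callback_pending = do_encryption(&ctx, &rec, RC_EBUSY, fixed);
    r.pending_after_submit = ctx.encrypt_pending;
    r.freed_before_callback = callback_pending && try_free_record(&ctx, &rec);
    if (callback_pending)
        r.callback_hit_freed_record = encrypt_done(&ctx, &rec);
    r.pending_after_callback = ctx.encrypt_pending;
    r.offset_after_callback = rec.sge.offset;
    r.freed_after_callback = !rec.freed && try_free_record(&ctx, &rec);
    return r;
}

int main(void)
{
    const char *label[] = { "buggy", "fixed" };
    for (int i = 0; i < 2; i++) {
        struct scenario_result r = run_ebusy_scenario(i == 1);
        printf("%s: pending after submit %d, freed early %d, callback hit freed %d, "
               "pending after callback %d, offset %d\n", label[i], r.pending_after_submit,
               r.freed_before_callback, r.callback_hit_freed_record,
               r.pending_after_callback, r.offset_after_callback);
    }
    return 0;
}
```

In the buggy run the pending count is 0 right after submit although a callback is still outstanding, so the free is permitted and the callback later reads a freed record and drives the counter to -1; in the corrected run the count stays at 1 until the callback completes, the premature free is refused, and the record is released only afterwards. The same gate is what a reviewer should look for in any async-completion code: a counter or reference that is released by exactly one of the synchronous and asynchronous paths, never both.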
Upgrade to the latest Linux kernel version, in which this vulnerability has been patched. Instructions for downloading the latest kernel version are available on the official Linux kernel website.