Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2024-58240

UNKNOWN
Published 2025-08-28T09:40:33.466Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-58240. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

In the Linux kernel, the following vulnerability has been resolved:

tls: separate no-async decryption request handling from async

If we're not doing async, the handling is much simpler. There's no
reference counting, we just need to wait for the completion to wake us
up and return its result.

We should preferably also use a separate crypto_wait. I'm not seeing a
UAF as I did in the past, I think aec7961916f3 ("tls: fix race between
async notify and socket close") took care of it.

This will make the next fix easier.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Linux

Linux

Affected Versions:

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux

Linux

Affected Versions:

6.1.149 6.6.21 6.7.9 6.8

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

Not EU Coordinated

Exploitation Status

No Known Exploitation

EUVD ID

View on ENISA

ENISA Analysis

In the Linux kernel, the following vulnerability has been resolved:

tls: separate no-async decryption request handling from async

If we're not doing async, the handling is much simpler. There's no
reference counting, we just need to wait for the completion to wake us
up and return its result.

We should preferably also use a separate crypto_wait. I'm not seeing a
UAF as I did in the past, I think aec7961916f3 ("tls: fix race between
async notify and socket close") took care of it.

This will make the next fix easier.

Affected Products (ENISA)

linux
linux

ENISA Scoring

EPSS Score

0.020
probability

ENISA References

https://git.kernel.org/stable/c/dec5b6e7b211e405d3bcb504562ab21aa7e5a64d
https://git.kernel.org/stable/c/999115298017a675d8ddf61414fc7a85c89f1186
https://git.kernel.org/stable/c/41532b785e9d79636b3815a64ddf6a096647d011
https://git.kernel.org/stable/c/48905146d11dbf1ddbb2967319016a83976953f5

Data provided by ENISA EU Vulnerability Database. Last updated: August 28, 2025

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

1 post
Reddit 5 hours, 28 minutes ago
crstux
Exploit Payload

🔥 Top 10 Trending CVEs (09/09/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-47178](https://nvd.nist.gov/vuln/detail/CVE-2025-47178)** - 📝 Microsoft Configuration Manager Remote Code Execution Vulnerability - 📅 **Published:** 08/07/2025 - 📈 **CVSS:** 8 - 🧭 **Vector:** CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C - 📣 **Mentions:** 16 - ⚠️ **Priority:** 2 - …

Also mentions: CVE-2025-42957 CVE-2025-53770 CVE-2025-47178 CVE-2025-37752 CVE-2024-30088 CVE-2024-26169
1
1.0
View Original High Risk

References

https://git.kernel.org/stable/c/48905146d11dbf1ddbb2967319016a83976953f5
https://git.kernel.org/stable/c/dec5b6e7b211e405d3bcb504562ab21aa7e5a64d
https://git.kernel.org/stable/c/999115298017a675d8ddf61414fc7a85c89f1186
https://git.kernel.org/stable/c/41532b785e9d79636b3815a64ddf6a096647d011
Published: 2025-08-28T09:40:33.466Z
Last Modified: 2025-08-28T14:42:46.015Z
Copied to clipboard!