CVE-2024-58239

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-58239
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58239.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-58239
Downstream
Related
Published
2025-08-22T13:01:17.440Z
Modified
2026-03-20T12:39:59.721091Z
Summary
tls: stop recv() if initial process_rx_list gave us non-DATA
Details

In the Linux kernel, the following vulnerability has been resolved:

tls: stop recv() if initial processrxlist gave us non-DATA

If we have a non-DATA record on the rxlist and another record of the same type still on the queue, we will end up merging them: - processrx_list copies the non-DATA record - we start the loop and process the first available record since it's of the same type - we break out of the loop since the record was not DATA

Just check the record type and jump to the end in case processrxlist did some work.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/58xxx/CVE-2024-58239.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
692d7b5d1f9125a1cf0595e979e3b5fb7210547e
Fixed
f310143961e2d9a0479fca117ce869f8aaecc140
Fixed
31e10d6cb0c9532ff070cf50da1657c3acee9276
Fixed
4338032aa90bd1d5b33a4274e8fa8347cda5ee09
Fixed
6756168add1c6c3ef1c32c335bb843a5d1f99a75
Fixed
3b952d8fdfcf6fd8ea0b8954bc9277642cf0977f
Fixed
a4ed943882a8fc057ea5a67643314245e048bbdd
Fixed
fdfbaec5923d9359698cbb286bc0deadbb717504

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-58239.json"