git.ipfire.org Git - thirdparty/haproxy.git/commit

]> git.ipfire.org Git - thirdparty/haproxy.git/commit

projects / thirdparty / haproxy.git / commit

author	Frederic Lecaille <flecaille@haproxy.com>
	Fri, 13 Feb 2026 12:30:24 +0000 (13:30 +0100)
committer	Frederic Lecaille <flecaille@haproxy.com>
	Wed, 18 Feb 2026 14:37:13 +0000 (15:37 +0100)
commit	3e6d030ce281bbd3e4d8205171fb0fa678cad306
tree	8674407bd864dc19e1309221afe42100862f8cc0	tree
parent	dfe1de4335f12d8ce436b906b2b6cddfcb8274c9	commit \| diff

BUG/MEDIUM: ssl: SSL backend sessions used after free

This bug impacts only the backends. The sessions cached could be used after been
freed because of a missing write lock into ssl_sock_handle_hs_error() when freeing
such objects. This issue could be rarely reproduced and only with QUIC with
difficulties (random CRYPTO data corruptions and instrumented code).

Must be backported as far as 2.6.

src/ssl_sock.c

diff | blob | blame | history

Mirror of https://github.com/haproxy/haproxy.git

RSS Atom