Re: [PATCH] net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf()
From: Jakub Kicinski <kuba@kernel.org>
Date: 2023-02-24 18:55:15
Also in: lkml
On Fri, 24 Feb 2023 13:06:06 +0100 Florian Westphal wrote:
> Hangyu Hua [off-list ref] wrote:
> > ctx->crypto_send.info is not protected by lock_sock in do_tls_getsockopt_conf(). A race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() can cause a NULL pointer dereference or use-after-free read when memcpy.
>
> It's good practice to quote the relevant parts of the splat here.

Right, the bug and the fix seem completely bogus. Please make sure the bugs are real and the fixes you sent actually fix them.