From 07f4c1b44e65e4c112b7f1acccd107a49a532af5 Mon Sep 17 00:00:00 2001
From: Jeremy Newton <alexjnewt@hotmail.com>
Date: Fri, 31 Oct 2025 22:09:52 -0400
Subject: [PATCH] mbedtls: CVE-2025-52496 fix

Backported from 3.6.x

Fixes a race condition
---
 Externals/mbedtls/library/aesni.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/Externals/mbedtls/library/aesni.c b/Externals/mbedtls/library/aesni.c
index 7491f8d980..bc6165069f 100644
--- a/Externals/mbedtls/library/aesni.c
+++ b/Externals/mbedtls/library/aesni.c
@@ -42,8 +42,12 @@
  */
 int mbedtls_aesni_has_support(unsigned int what)
 {
-    static int done = 0;
-    static unsigned int c = 0;
+    /* To avoid a race condition, tell the compiler that the assignment
+     * `done = 1` and the assignment to `c` may not be reordered.
+     * https://github.com/Mbed-TLS/mbedtls/issues/9840
+     */
+    static volatile int done = 0;
+    static volatile unsigned int c = 0;
 
     if (!done) {
 #if MBEDTLS_AESNI_HAVE_CODE == 2