504 matches found
CVE-2022-50824
In the Linux kernel, the following vulnerability has been resolved: tpm: tpmtis: Add the missed acpiputtable to fix memory leak In checkacpitpm2, we get the TPM2 table just to make sure the table is there, not used after the init, so the acpiputtable should be added to release the ACPI memory...
CVE-2022-50824
In the Linux kernel, the following vulnerability has been resolved: tpm: tpmtis: Add the missed acpiputtable to fix memory leak In checkacpitpm2, we get the TPM2 table just to make sure the table is there, not used after the init, so the acpiputtable should be added to release the ACPI memory...
UBUNTU-CVE-2022-50824
In the Linux kernel, the following vulnerability has been resolved: tpm: tpmtis: Add the missed acpiputtable to fix memory leak In checkacpitpm2, we get the TPM2 table just to make sure the table is there, not used after the init, so the acpiputtable should be added to release the ACPI memory...
CVE-2023-54309 tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation
In the Linux kernel, the following vulnerability has been resolved: tpm: tpmvtpmproxy: fix a race condition in /dev/vtpmx creation /dev/vtpmx is made visible before 'workqueue' is initialized, which can lead to a memory corruption in the worst case scenario. Address this by initializing 'workqueu...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992396)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992396 advisory. In the Linux kernel, the following vulnerability has been resolved: tpm: tpmcrb: Add the missed acpiputtable to fix memory leak In crbacpiadd, we get the TPM2 table ...
CVE-2023-54073
The CVE-2023-54073 issue is a Linux kernel vulnerability fixed by adding the invariant !tpm_amd_is_rng_defective() at the hwrng_unregister() call site inside tpm_chip_unregister(). The description and connected sources show a crash scenario linked to hwrng_unregister() being called during tpm_chi...
CVE-2023-54073 tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site
In the Linux kernel, the following vulnerability has been resolved: tpm: Add !tpmamdisrngdefective to the hwrngunregister call site The following crash was reported: 1950.279393 listdel corruption, ffff99560d485790-next is NULL 1950.279400 ------------ cut here ------------ 1950.279401 kernel BUG...
CLSA-2025-1766502382 keylime: Fix of CVE-2025-13609
CVE-2025-13609: enforce TPM identity immutability for agent UUIDs in registrar, add shared memory for multiprocess synchronization...
keylime: Keylime: Registrar allows identity takeover via duplicate UUID registration
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module TPM device but claiming an existing agent's unique identifier UUID. This action overwrites the legitimate agent's identity, enabling the...
keylime: Keylime: Registrar allows identity takeover via duplicate UUID registration
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module TPM device but claiming an existing agent's unique identifier UUID. This action overwrites the legitimate agent's identity, enabling the...
keylime: Keylime: Registrar allows identity takeover via duplicate UUID registration
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module TPM device but claiming an existing agent's unique identifier UUID. This action overwrites the legitimate agent's identity, enabling the...
CVE-2025-58770
CVE-2025-58770 concerns the AMI AptioV BIOS, where a local attacker can trigger improper handling of insufficient permissions to escalate privileges. The vulnerability affects the BIOS/firmware layer of AptioV implementations and may impact integrity, availability, and potentially lead to elevate...
CLSA-2025-1764614196 tpm2-tools: Fix of CVE-2024-29039
CVE-2024-29039: add comparison of pcr selection to prevent misleading picture of the TPM state...
SUSE CVE-2025-13609
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module TPM device but claiming an existing agent's unique identifier UUID. This action overwrites the legitimate agent's identity, enabling the...
Keylime allows users to register new agents by recycling existing UUIDs when using different TPM devices
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module TPM device but claiming an existing agent's unique identifier UUID. This action overwrites the legitimate agent's identity, enabling the...
PYSEC-2025-77
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module TPM device but claiming an existing agent's unique identifier UUID. This action overwrites the legitimate agent's identity, enabling the...
PYSEC-2025-77
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module TPM device but claiming an existing agent's unique identifier UUID. This action overwrites the legitimate agent's identity, enabling the...
CVE-2025-13609
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module TPM device but claiming an existing agent's unique identifier UUID. This action overwrites the legitimate agent's identity, enabling the...
CVE-2025-13609 Keylime: keylime: registrar allows identity takeover via duplicate uuid registration
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module TPM device but claiming an existing agent's unique identifier UUID. This action overwrites the legitimate agent's identity, enabling the...
CVE-2025-13609 Keylime: keylime: registrar allows identity takeover via duplicate uuid registration
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module TPM device but claiming an existing agent's unique identifier UUID. This action overwrites the legitimate agent's identity, enabling the...