14 matches found
CVE-2026-12681
Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Google go-attestation. parseEfiSignatureList does not advance the buffer past vendor bytes before reading entries. For hashSHA256SigGUID lists, this allows attacker-controlled vendor header bytes to be appended ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for the event log to avoid corruption. The TPM event log table is a Linux-specific construct. The data produced by the GetEventLog boot service is cached in memory and then passed to the OS...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: tpm: Changed to kvalloc in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: 10.693310 T1 tpmtis STM0925:00: 2.0 TPM device-id 0x3, rev-id 0 10.848132 T1 ------------ Cut here ------------ 10.853559 T1...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992796)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992796 advisory. In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990850)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990850 advisory. In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is...
The vulnerability of the efi_retrieve_tpm2_eventlog() function (drivers/firmware/efi/libstub/tpm.c) in the Linux kernel allows a hacker to trigger a service failure.
The vulnerability of the efiretrievetpm2eventlog function located in drivers/firmware/efi/libstub/tpm.c in the Linux kernel is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to trigger a system failure...
SUSE CVE-2024-49858
In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...
DEBIAN-CVE-2024-49858
In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...
CVE-2024-49858
In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...
AZL-50957 CVE-2024-49858 affecting package kernel for versions less than 6.6.56.1-5
In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...
AZL-50773 CVE-2024-49858 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...
UBUNTU-CVE-2024-49858
In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...
CVE-2024-49858
CVE-2024-49858: Linux kernel TPM event log handling (efistub/tpm) used EFI_LOADER_DATA, leaving the region unreserved in the EFI 64-bit memory map (via E820) and passed to the kernel via kexec, risking memory corruption. The fix substitutes EFI_ACPI_RECLAIM_MEMORY, which EFI/ACPI treats as reserv...
CVE-2024-49858 efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption
In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is a Linux specific construct, where the data produced by the GetEventLog boot service is cached in memory, and passed on to the OS...