13 matches found
CVE-2024-53085
In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpmpmsuspend first Setting TPMCHIPFLAGSUSPENDED in the end of tpmpmsuspend can be racy according, as this leaves window for tpmhwrngread to be called while the operation is in progress. The recent bug report...
Unspecified vulnerability in Linux kernel (CNVD-2024-46398)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a TPM chip lock in the tpmpmsuspend function. No details of the vulnerability are provided at this time...
CVE-2024-53085
In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpmpmsuspend first Setting TPMCHIPFLAGSUSPENDED in the end of tpmpmsuspend can be racy according, as this leaves window for tpmhwrngread to be called while the operation is in progress. The recent bug report...
CVE-2024-53085
CVE-2024-53085 (Linux kernel) describes a race in TPM handling during suspend/read paths. The fix locks the TPM chip before checking chip flags in both tpm_pm_suspend() and tpm_hwrng_read(), and relocates TPM_CHIP_FLAG_SUSPENDED checking inside tpm_get_random() so the lock is considered when the ...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a TPM chip lock in the tpmpmsuspend function. No details of the vulnerability are provided at this time...
CVE-2022-48997
In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpmpmsuspend with locks Currently tpm transactions are executed unconditionally in tpmpmsuspend function, which may lead to races with other tpm accessors in the system. Specifically, the hwrandom tpm driver...
CVE-2022-48997
In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpmpmsuspend with locks Currently tpm transactions are executed unconditionally in tpmpmsuspend function, which may lead to races with other tpm accessors in the system. Specifically, the hwrandom tpm driver...
DEBIAN-CVE-2022-48997
In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpmpmsuspend with locks Currently tpm transactions are executed unconditionally in tpmpmsuspend function, which may lead to races with other tpm accessors in the system. Specifically, the hwrandom tpm driver...
CVE-2022-48997 char: tpm: Protect tpm_pm_suspend with locks
In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpmpmsuspend with locks Currently tpm transactions are executed unconditionally in tpmpmsuspend function, which may lead to races with other tpm accessors in the system. Specifically, the hwrandom tpm driver...
CVE-2022-48997 char: tpm: Protect tpm_pm_suspend with locks
In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpmpmsuspend with locks Currently tpm transactions are executed unconditionally in tpmpmsuspend function, which may lead to races with other tpm accessors in the system. Specifically, the hwrandom tpm driver...
CVE-2022-48997
CVE-2022-48997 affects the Linux kernel TPM subsystem, where tpm transactions during suspend were not guarded and could race with other TPM accessors inside tpm_pm_suspend. The referenced fixes call tpm_try_get_ops(), a wrapper around tpm_chip_start() that acquires the appropriate mutex, to seria...
CVE-2022-48997 char: tpm: Protect tpm_pm_suspend with locks
In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpmpmsuspend with locks Currently tpm transactions are executed unconditionally in tpmpmsuspend function, which may lead to races with other tpm accessors in the system. Specifically, the hwrandom tpm driver...
GSD-2023-1000292 char: tpm: Protect tpm_pm_suspend with locks
char: tpm: Protect tpmpmsuspend with locks This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.226 by commit...