In the Linux kernel, the following vulnerability has been resolved:
tpm: Clean up TPM space after command failure
tpm_dev_transmit prepares the TPM space before attempting command
transmission. However if the command fails no rollback of this
preparation is done. This can result in transient handles being leaked
if the device is subsequently closed with no further commands performed.
Fix this by flushing the space in the event of command transmission
failure.
Metrics
Affected Vendors & Products
References
History
Fri, 08 Nov 2024 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 23 Oct 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
Weaknesses | CWE-459 | |
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | |
Vendors & Products |
Linux
Linux linux Kernel |
Tue, 22 Oct 2024 01:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Mon, 21 Oct 2024 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 21 Oct 2024 12:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | In the Linux kernel, the following vulnerability has been resolved: tpm: Clean up TPM space after command failure tpm_dev_transmit prepares the TPM space before attempting command transmission. However if the command fails no rollback of this preparation is done. This can result in transient handles being leaked if the device is subsequently closed with no further commands performed. Fix this by flushing the space in the event of command transmission failure. | |
Title | tpm: Clean up TPM space after command failure | |
References |
|
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-10-21T12:18:44.742Z
Updated: 2024-12-19T09:27:32.938Z
Reserved: 2024-10-21T12:17:06.015Z
Link: CVE-2024-49851
Vulnrichment
Updated: 2024-10-21T12:56:57.776Z
NVD
Status : Modified
Published: 2024-10-21T13:15:05.883
Modified: 2024-11-08T16:15:28.700
Link: CVE-2024-49851
Redhat