Google Git
Sign in
kernel / pub / scm / linux / security / vulns / refs/heads/sasha-vulnerable / . / cve / published / 2024 / CVE-2024-53085.json
blob: 9e816eb1abf9e9c6d8c7758ae330f93efdda0be5 [file] [log] [blame]
{
"containers": {
"cna": {
"providerMetadata": {
"orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
},
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Lock TPM chip in tpm_pm_suspend() first\n\nSetting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy\naccording, as this leaves window for tpm_hwrng_read() to be called while\nthe operation is in progress. The recent bug report gives also evidence of\nthis behaviour.\n\nAadress this by locking the TPM chip before checking any chip->flags both\nin tpm_pm_suspend() and tpm_hwrng_read(). Move TPM_CHIP_FLAG_SUSPENDED\ncheck inside tpm_get_random() so that it will be always checked only when\nthe lock is reserved."
}
],
"affected": [
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/char/tpm/tpm-chip.c",
"drivers/char/tpm/tpm-interface.c"
],
"versions": [
{
"version": "99d46450625590d410f86fe4660a5eff7d3b8343",
"lessThan": "cfaf83501a0cbb104499c5b0892ee5ebde4e967f",
"status": "affected",
"versionType": "git"
},
{
"version": "99d46450625590d410f86fe4660a5eff7d3b8343",
"lessThan": "bc203fe416abdd1c29da594565a7c3c4e979488e",
"status": "affected",
"versionType": "git"
},
{
"version": "99d46450625590d410f86fe4660a5eff7d3b8343",
"lessThan": "9265fed6db601ee2ec47577815387458ef4f047a",
"status": "affected",
"versionType": "git"
},
{
"version": "7cd46930b8bf37b84777410ac21bfdf1179021d5",
"status": "affected",
"versionType": "git"
},
{
"version": "eeda114c92c7b2db69878cdf27163750fd57cfe2",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/char/tpm/tpm-chip.c",
"drivers/char/tpm/tpm-interface.c"
],
"versions": [
{
"version": "6.4",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.4",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.64",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.11.8",
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4",
"versionEndExcluding": "6.6.64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4",
"versionEndExcluding": "6.11.8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4",
"versionEndExcluding": "6.12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.31"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3.5"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/stable/c/cfaf83501a0cbb104499c5b0892ee5ebde4e967f"
},
{
"url": "https://git.kernel.org/stable/c/bc203fe416abdd1c29da594565a7c3c4e979488e"
},
{
"url": "https://git.kernel.org/stable/c/9265fed6db601ee2ec47577815387458ef4f047a"
}
],
"title": "tpm: Lock TPM chip in tpm_pm_suspend() first",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
"cveID": "CVE-2024-53085",
"requesterUserId": "gregkh@kernel.org",
"serial": "1",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.0"
}