CVE-2024-36967

MEDIUM

Linux Kernel 5.13-5.15.159, 5.16-6.1.91, 6.2-6.6.31, 6.7-6.8.10, 6.9-6.9.1 - Use-After-Free in tpm2_key_encode()

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2_key_encode() 'scratch' is never freed. Fix this by calling kfree() in the success, and in the error case.

References (6)

Core 6

Core References

Patch

https://git.kernel.org/stable/c/1e6914fa8e7798bcf3ce4a5b96ea4ac1d5571cdf

Patch

https://git.kernel.org/stable/c/5d91238b590bd883c86ba7707c5c9096469c08b7

Patch

https://git.kernel.org/stable/c/e62835264d0352be6086975f18fdfed2b5520b13

Patch

https://git.kernel.org/stable/c/189c768932d435045b1fae12bf63e53866f06a28

Patch

https://git.kernel.org/stable/c/cf26a92f560eed5d6ddc3d441cc645950cbabc56

Patch

https://git.kernel.org/stable/c/ffcaa2172cc1a85ddb8b783de96d38ca8855e248

Scores

CVSS v3 5.5

EPSS 0.0021

EPSS Percentile 11.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-401

Status published

Products (20)

linux/Kernel 5.13.0 - 5.15.160linux

linux/Kernel 5.16.0 - 6.1.92linux

linux/Kernel 6.2.0 - 6.6.32linux

linux/Kernel 6.7.0 - 6.8.11linux

linux/Kernel 6.9.0 - 6.9.2linux

Linux/Linux < 5.13

Linux/Linux 5.13

Linux/Linux 5.15.160 - 5.15.*

Linux/Linux 6.1.92 - 6.1.*

Linux/Linux 6.10

... and 10 more

Published Jun 08, 2024

Tracked Since Feb 18, 2026