CVE-2024-53085

MEDIUM

Linux Kernel 6.4-6.11.8 - Improper Locking in TPM Suspend and HWRNG Read

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: tpm: Lock TPM chip in tpm_pm_suspend() first Setting TPM_CHIP_FLAG_SUSPENDED in the end of tpm_pm_suspend() can be racy according, as this leaves window for tpm_hwrng_read() to be called while the operation is in progress. The recent bug report gives also evidence of this behaviour. Aadress this by locking the TPM chip before checking any chip->flags both in tpm_pm_suspend() and tpm_hwrng_read(). Move TPM_CHIP_FLAG_SUSPENDED check inside tpm_get_random() so that it will be always checked only when the lock is reserved.

References (3)

Core 3

Core References

Patch

https://git.kernel.org/stable/c/cfaf83501a0cbb104499c5b0892ee5ebde4e967f

Patch

https://git.kernel.org/stable/c/bc203fe416abdd1c29da594565a7c3c4e979488e

Patch

https://git.kernel.org/stable/c/9265fed6db601ee2ec47577815387458ef4f047a

Scores

CVSS v3 5.5

EPSS 0.0017

EPSS Percentile 6.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-667

Status published

Products (16)

linux/Kernel 6.4.0 - 6.6.64linux

linux/Kernel 6.7.0 - 6.11.8linux

Linux/Linux < 6.4

Linux/Linux 6.1.31 - 6.2

Linux/Linux 6.11.8 - 6.11.*

Linux/Linux 6.12

Linux/Linux 6.3.5 - 6.4

Linux/Linux 6.4

Linux/Linux 6.6.64 - 6.6.*

Linux/Linux 7cd46930b8bf37b84777410ac21bfdf1179021d5

... and 6 more

Published Nov 19, 2024

Tracked Since Feb 18, 2026