CVE-2022-49286
- Source
- https://cve.org/CVERecord?id=CVE-2022-49286
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49286.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49286
- Downstream
- Related
- Published
- 2025-02-26T01:56:25.566Z
- Modified
- 2026-03-20T12:22:19.574339Z
- Summary
- tpm: use try_get_ops() in tpm-space.c
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
tpm: use trygetops() in tpm-space.c
As part of the series conversion to remove nested TPM operations:
https://lore.kernel.org/all/20190205224723.19671-1-jarkko.sakkinen@linux.intel.com/
exposure of the chip->tpmmutex was removed from much of the upper level code. In this conversion, tpm2delspace() was missed. This didn't matter much because it's usually called closely after a converted operation, so there's only a very tiny race window where the chip can be removed before the space flushing is done which causes a NULL deref on the mutex. However, there are reports of this window being hit in practice, so fix this by converting tpm2delspace() to use tpmtrygetops(), which performs all the teardown checks before acquring the mutex.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49286.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/476ddd23f818fb94cf86fb5617f3bb9a7c92113d
- https://git.kernel.org/stable/c/5b1d2561a03e534064b51c50c774657833d3d2cf
- https://git.kernel.org/stable/c/95193d12f10a8a088843b25e0f5fe1d83ec6b079
- https://git.kernel.org/stable/c/ba84f9a48366dcc3cdef978599433efe101dd5bd
- https://git.kernel.org/stable/c/eda1662cce964c8a65bb86321f8d9cfa6e9ceaab
- https://git.kernel.org/stable/c/fb5abce6b2bb5cb3d628aaa63fa821da8c4600f9
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49286.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-49286
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced745b361e989af21ad40811c2586b60229f870a68Fixed5b1d2561a03e534064b51c50c774657833d3d2cfFixed95193d12f10a8a088843b25e0f5fe1d83ec6b079Fixed476ddd23f818fb94cf86fb5617f3bb9a7c92113dFixededa1662cce964c8a65bb86321f8d9cfa6e9ceaabFixedba84f9a48366dcc3cdef978599433efe101dd5bdFixedfb5abce6b2bb5cb3d628aaa63fa821da8c4600f9