In the Linux kernel, the following vulnerability has been resolved:
KEYS: trusted: Do not use WARN when encode fails
When asn1encodesequence() fails, WARN is not the correct solution.
It is also noteworthy that the use of WARN is undocumented, and it should be avoided unless there is a carefully considered rationale to use it.
Replace WARN with pr_err, and print the return value instead, which is only useful piece of information.
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ff91cc12faf798f573dab2abc976c1d5b1862fea",
"id": "CVE-2024-36975-3cd72268",
"target": {
"file": "security/keys/trusted-keys/trusted_tpm2.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"170998064907844796483546408160039736357",
"225427268028817120956441133562186217860",
"189685273019300182024209086710880745131",
"164552835647184260362490784199949562323",
"40344949191453977817895727408934186815"
]
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d32c6e09f7c4bec3ebc4941323f0aa6366bc1487",
"id": "CVE-2024-36975-6cc9510c",
"target": {
"file": "security/keys/trusted-keys/trusted_tpm2.c",
"function": "tpm2_key_encode"
},
"digest": {
"function_hash": "287803514444996869203727954247132289820",
"length": 1328.0
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@681935009fec3fc22af97ee312d4a24ccf3cf087",
"id": "CVE-2024-36975-7293fd99",
"target": {
"file": "security/keys/trusted-keys/trusted_tpm2.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"170998064907844796483546408160039736357",
"225427268028817120956441133562186217860",
"189685273019300182024209086710880745131",
"164552835647184260362490784199949562323",
"40344949191453977817895727408934186815"
]
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ff91cc12faf798f573dab2abc976c1d5b1862fea",
"id": "CVE-2024-36975-7918a113",
"target": {
"file": "security/keys/trusted-keys/trusted_tpm2.c",
"function": "tpm2_key_encode"
},
"digest": {
"function_hash": "287803514444996869203727954247132289820",
"length": 1328.0
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d32c6e09f7c4bec3ebc4941323f0aa6366bc1487",
"id": "CVE-2024-36975-7d8befdb",
"target": {
"file": "security/keys/trusted-keys/trusted_tpm2.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"170998064907844796483546408160039736357",
"225427268028817120956441133562186217860",
"189685273019300182024209086710880745131",
"164552835647184260362490784199949562323",
"40344949191453977817895727408934186815"
]
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1c652e1e10676f942149052d9329b8bf2703529a",
"id": "CVE-2024-36975-7fe046fe",
"target": {
"file": "security/keys/trusted-keys/trusted_tpm2.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"170998064907844796483546408160039736357",
"225427268028817120956441133562186217860",
"189685273019300182024209086710880745131",
"164552835647184260362490784199949562323",
"40344949191453977817895727408934186815"
]
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@96f650995c70237b061b497c66755e32908f8972",
"id": "CVE-2024-36975-81a24d0f",
"target": {
"file": "security/keys/trusted-keys/trusted_tpm2.c",
"function": "tpm2_key_encode"
},
"digest": {
"function_hash": "287803514444996869203727954247132289820",
"length": 1328.0
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@96f650995c70237b061b497c66755e32908f8972",
"id": "CVE-2024-36975-a7da30cc",
"target": {
"file": "security/keys/trusted-keys/trusted_tpm2.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"170998064907844796483546408160039736357",
"225427268028817120956441133562186217860",
"189685273019300182024209086710880745131",
"164552835647184260362490784199949562323",
"40344949191453977817895727408934186815"
]
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@050bf3c793a07f96bd1e2fd62e1447f731ed733b",
"id": "CVE-2024-36975-b8bee110",
"target": {
"file": "security/keys/trusted-keys/trusted_tpm2.c",
"function": "tpm2_key_encode"
},
"digest": {
"function_hash": "287803514444996869203727954247132289820",
"length": 1328.0
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@1c652e1e10676f942149052d9329b8bf2703529a",
"id": "CVE-2024-36975-ca1ea3fa",
"target": {
"file": "security/keys/trusted-keys/trusted_tpm2.c",
"function": "tpm2_key_encode"
},
"digest": {
"function_hash": "287803514444996869203727954247132289820",
"length": 1328.0
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@681935009fec3fc22af97ee312d4a24ccf3cf087",
"id": "CVE-2024-36975-cea3fe6d",
"target": {
"file": "security/keys/trusted-keys/trusted_tpm2.c",
"function": "tpm2_key_encode"
},
"digest": {
"function_hash": "287803514444996869203727954247132289820",
"length": 1328.0
},
"signature_version": "v1",
"signature_type": "Function",
"deprecated": false
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@050bf3c793a07f96bd1e2fd62e1447f731ed733b",
"id": "CVE-2024-36975-fc558147",
"target": {
"file": "security/keys/trusted-keys/trusted_tpm2.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"170998064907844796483546408160039736357",
"225427268028817120956441133562186217860",
"189685273019300182024209086710880745131",
"164552835647184260362490784199949562323",
"40344949191453977817895727408934186815"
]
},
"signature_version": "v1",
"signature_type": "Line",
"deprecated": false
}
]