In the Linux kernel, the following vulnerability has been resolved:
tpm: Clean up TPM space after command failure
tpmdevtransmit prepares the TPM space before attempting command transmission. However if the command fails no rollback of this preparation is done. This can result in transient handles being leaked if the device is subsequently closed with no further commands performed.
Fix this by flushing the space in the event of command transmission failure.
[ { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@87e8134c18977b566f4ec248c8a147244da69402", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c", "function": "tpm_dev_transmit" }, "digest": { "function_hash": "180004766952581177738800611677630051658", "length": 621.0 }, "id": "CVE-2024-49851-00317818", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@87e8134c18977b566f4ec248c8a147244da69402", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c" }, "digest": { "line_hashes": [ "176315312177740819822445301047571818107", "82215223625936830340335733606706201210", "196846254821857038736335241104182444960" ], "threshold": 0.9 }, "id": "CVE-2024-49851-01d422b4", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c84ceb546f30432fccea4891163f7050f5bee5dd", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c" }, "digest": { "line_hashes": [ "271355974334199250518687126858260249690", "184990000862369774916703977452678451697", "118682703956049695921067801364916574008", "15893712842253678583460519294695958962" ], "threshold": 0.9 }, "id": "CVE-2024-49851-05a1aa73", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c84ceb546f30432fccea4891163f7050f5bee5dd", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c", "function": "tpm2_flush_space" }, "digest": { "function_hash": "293905118938167236139114030181660643356", "length": 295.0 }, "id": "CVE-2024-49851-08d4c68b", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@adf4ce162561222338cf2c9a2caa294527f7f721", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c" }, "digest": { "line_hashes": [ "271355974334199250518687126858260249690", "184990000862369774916703977452678451697", "118682703956049695921067801364916574008", "15893712842253678583460519294695958962" ], "threshold": 0.9 }, "id": "CVE-2024-49851-0dbcbb34", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@adf4ce162561222338cf2c9a2caa294527f7f721", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c", "function": "tpm_dev_transmit" }, "digest": { "function_hash": "180004766952581177738800611677630051658", "length": 621.0 }, "id": "CVE-2024-49851-174d54b2", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3aaebcbb7c6b403416f442d1de70d437ce313a7", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c" }, "digest": { "line_hashes": [ "271355974334199250518687126858260249690", "184990000862369774916703977452678451697", "118682703956049695921067801364916574008", "15893712842253678583460519294695958962" ], "threshold": 0.9 }, "id": "CVE-2024-49851-1a5ceefc", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2c9b228938e9266a1065a3f4fe5c99b7235dc439", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c" }, "digest": { "line_hashes": [ "271355974334199250518687126858260249690", "184990000862369774916703977452678451697", "118682703956049695921067801364916574008", "15893712842253678583460519294695958962" ], "threshold": 0.9 }, "id": "CVE-2024-49851-238616f1", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2c9b228938e9266a1065a3f4fe5c99b7235dc439", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c" }, "digest": { "line_hashes": [ "176315312177740819822445301047571818107", "82215223625936830340335733606706201210", "196846254821857038736335241104182444960" ], "threshold": 0.9 }, "id": "CVE-2024-49851-3574809a", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@adf4ce162561222338cf2c9a2caa294527f7f721", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c" }, "digest": { "line_hashes": [ "176315312177740819822445301047571818107", "82215223625936830340335733606706201210", "196846254821857038736335241104182444960" ], "threshold": 0.9 }, "id": "CVE-2024-49851-36db8c6e", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3aaebcbb7c6b403416f442d1de70d437ce313a7", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c" }, "digest": { "line_hashes": [ "176315312177740819822445301047571818107", "82215223625936830340335733606706201210", "196846254821857038736335241104182444960" ], "threshold": 0.9 }, "id": "CVE-2024-49851-40a7a5f1", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@87e8134c18977b566f4ec248c8a147244da69402", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c", "function": "tpm2_flush_space" }, "digest": { "function_hash": "293905118938167236139114030181660643356", "length": 295.0 }, "id": "CVE-2024-49851-4fec219f", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@82478cb8a23bd4f97935bbe60d64528c6d9918b4", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c" }, "digest": { "line_hashes": [ "176315312177740819822445301047571818107", "82215223625936830340335733606706201210", "196846254821857038736335241104182444960" ], "threshold": 0.9 }, "id": "CVE-2024-49851-51c43fc4", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@82478cb8a23bd4f97935bbe60d64528c6d9918b4", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c", "function": "tpm2_flush_space" }, "digest": { "function_hash": "293905118938167236139114030181660643356", "length": 295.0 }, "id": "CVE-2024-49851-53a0053f", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c84ceb546f30432fccea4891163f7050f5bee5dd", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c" }, "digest": { "line_hashes": [ "176315312177740819822445301047571818107", "82215223625936830340335733606706201210", "196846254821857038736335241104182444960" ], "threshold": 0.9 }, "id": "CVE-2024-49851-56e1a358", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@87e8134c18977b566f4ec248c8a147244da69402", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c" }, "digest": { "line_hashes": [ "271355974334199250518687126858260249690", "184990000862369774916703977452678451697", "118682703956049695921067801364916574008", "15893712842253678583460519294695958962" ], "threshold": 0.9 }, "id": "CVE-2024-49851-5b866fbf", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3f9f72d843c92fb6f4ff7460d774413cde7f254c", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c" }, "digest": { "line_hashes": [ "271355974334199250518687126858260249690", "184990000862369774916703977452678451697", "118682703956049695921067801364916574008", "15893712842253678583460519294695958962" ], "threshold": 0.9 }, "id": "CVE-2024-49851-6a944e4f", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3aaebcbb7c6b403416f442d1de70d437ce313a7", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c", "function": "tpm2_flush_space" }, "digest": { "function_hash": "293905118938167236139114030181660643356", "length": 295.0 }, "id": "CVE-2024-49851-7696b253", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@adf4ce162561222338cf2c9a2caa294527f7f721", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c", "function": "tpm2_flush_space" }, "digest": { "function_hash": "293905118938167236139114030181660643356", "length": 295.0 }, "id": "CVE-2024-49851-7943d3ec", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3aaebcbb7c6b403416f442d1de70d437ce313a7", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c", "function": "tpm_dev_transmit" }, "digest": { "function_hash": "180004766952581177738800611677630051658", "length": 621.0 }, "id": "CVE-2024-49851-79e2d199", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ebc4e1f4492d114f9693950621b3ea42b2f82bec", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c", "function": "tpm_dev_transmit" }, "digest": { "function_hash": "180004766952581177738800611677630051658", "length": 621.0 }, "id": "CVE-2024-49851-7e800a33", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c84ceb546f30432fccea4891163f7050f5bee5dd", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c", "function": "tpm_dev_transmit" }, "digest": { "function_hash": "180004766952581177738800611677630051658", "length": 621.0 }, "id": "CVE-2024-49851-8044976e", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2c9b228938e9266a1065a3f4fe5c99b7235dc439", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c", "function": "tpm2_flush_space" }, "digest": { "function_hash": "293905118938167236139114030181660643356", "length": 295.0 }, "id": "CVE-2024-49851-878e0c13", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3f9f72d843c92fb6f4ff7460d774413cde7f254c", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c", "function": "tpm_dev_transmit" }, "digest": { "function_hash": "180004766952581177738800611677630051658", "length": 621.0 }, "id": "CVE-2024-49851-8e0775b0", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3f9f72d843c92fb6f4ff7460d774413cde7f254c", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c", "function": "tpm2_flush_space" }, "digest": { "function_hash": "293905118938167236139114030181660643356", "length": 295.0 }, "id": "CVE-2024-49851-a17295fa", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ebc4e1f4492d114f9693950621b3ea42b2f82bec", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c", "function": "tpm2_flush_space" }, "digest": { "function_hash": "293905118938167236139114030181660643356", "length": 295.0 }, "id": "CVE-2024-49851-a6e6e5fd", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2c9b228938e9266a1065a3f4fe5c99b7235dc439", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c", "function": "tpm_dev_transmit" }, "digest": { "function_hash": "180004766952581177738800611677630051658", "length": 621.0 }, "id": "CVE-2024-49851-b331adfd", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@82478cb8a23bd4f97935bbe60d64528c6d9918b4", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c" }, "digest": { "line_hashes": [ "271355974334199250518687126858260249690", "184990000862369774916703977452678451697", "118682703956049695921067801364916574008", "15893712842253678583460519294695958962" ], "threshold": 0.9 }, "id": "CVE-2024-49851-bff7d11c", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@82478cb8a23bd4f97935bbe60d64528c6d9918b4", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c", "function": "tpm_dev_transmit" }, "digest": { "function_hash": "180004766952581177738800611677630051658", "length": 621.0 }, "id": "CVE-2024-49851-d2d9151f", "signature_type": "Function", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@3f9f72d843c92fb6f4ff7460d774413cde7f254c", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c" }, "digest": { "line_hashes": [ "176315312177740819822445301047571818107", "82215223625936830340335733606706201210", "196846254821857038736335241104182444960" ], "threshold": 0.9 }, "id": "CVE-2024-49851-d2f28426", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ebc4e1f4492d114f9693950621b3ea42b2f82bec", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm-dev-common.c" }, "digest": { "line_hashes": [ "271355974334199250518687126858260249690", "184990000862369774916703977452678451697", "118682703956049695921067801364916574008", "15893712842253678583460519294695958962" ], "threshold": 0.9 }, "id": "CVE-2024-49851-e034b9ca", "signature_type": "Line", "signature_version": "v1" }, { "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ebc4e1f4492d114f9693950621b3ea42b2f82bec", "deprecated": false, "target": { "file": "drivers/char/tpm/tpm2-space.c" }, "digest": { "line_hashes": [ "176315312177740819822445301047571818107", "82215223625936830340335733606706201210", "196846254821857038736335241104182444960" ], "threshold": 0.9 }, "id": "CVE-2024-49851-e3f5f78f", "signature_type": "Line", "signature_version": "v1" } ]