漏洞标题
KEYS: trusted: 解决TPM为密封/解密预留的问题
漏洞描述信息
在Linux内核中,已经修复了以下漏洞:
KEYS: trusted: 解决TPM对密封/解密封操作的保留问题
原始补丁8c657a0590de("KEYS: trusted: 为密封和解密封操作预留TPM")在邮件列表上的讨论是正确的:
https://lore.kernel.org/linux-integrity/20210128235621.127925-4-jarkko@kernel.org/
但是不知何故,这个补丁被重新基线化了,导致tpm2_seal_trusted()中的tpm_try_get_ops()丢失。这会导致TPM操作的不平衡释放,并在基于TIS(Trusted Interface Specification)的硬件上引发错误。
此修复将丢失的tpm_try_get_ops()恢复回去。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
漏洞类别
初始化不恰当
漏洞标题
KEYS: trusted: Fix TPM reservation for seal/unseal
漏洞描述信息
In the Linux kernel, the following vulnerability has been resolved:
KEYS: trusted: Fix TPM reservation for seal/unseal
The original patch 8c657a0590de ("KEYS: trusted: Reserve TPM for seal
and unseal operations") was correct on the mailing list:
https://lore.kernel.org/linux-integrity/20210128235621.127925-4-jarkko@kernel.org/
But somehow got rebased so that the tpm_try_get_ops() in
tpm2_seal_trusted() got lost. This causes an imbalanced put of the
TPM ops and causes oopses on TIS based hardware.
This fix puts back the lost tpm_try_get_ops()
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Linux kernel 安全漏洞
漏洞描述信息
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel 存在安全漏洞,该漏洞源于tpm_try_get_ops()函数已提交的更改意外丢失。
CVSS信息
N/A
漏洞类别
其他