THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-36967

KEYS: trusted: Fix memory leak in tpm2_key_encode()

Assigner:Linux (416baaa9-dc9f-4396-8d5f-8c081fb06d67)
Reserved:2024-05-30
Published:2024-06-08
Updated:2024-06-10

Description

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in tpm2_key_encode() 'scratch' is never freed. Fix this by calling kfree() in the success, and in the error case.

Product status

Default status
unaffected

f2219745250f before 1e6914fa8e77
affected

f2219745250f before 5d91238b590b
affected

f2219745250f before e62835264d03
affected

f2219745250f before 189c768932d4
affected

f2219745250f before cf26a92f560e
affected

f2219745250f before ffcaa2172cc1
affected

Default status
affected

5.13
affected

Any version before 5.13
unaffected

5.15.160
unaffected

6.1.92
unaffected

6.6.32
unaffected

6.8.11
unaffected

6.9.2
unaffected

6.10-rc1
unaffected

References

https://git.kernel.org/stable/c/1e6914fa8e7798bcf3ce4a5b96ea4ac1d5571cdf

https://git.kernel.org/stable/c/5d91238b590bd883c86ba7707c5c9096469c08b7

https://git.kernel.org/stable/c/e62835264d0352be6086975f18fdfed2b5520b13

https://git.kernel.org/stable/c/189c768932d435045b1fae12bf63e53866f06a28

https://git.kernel.org/stable/c/cf26a92f560eed5d6ddc3d441cc645950cbabc56

https://git.kernel.org/stable/c/ffcaa2172cc1a85ddb8b783de96d38ca8855e248

cve.org CVE-2024-36967

nvd.nist.gov CVE-2024-36967

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-36967