CVE-2021-46922

Summary

In the Linux kernel, the following vulnerability has been resolved:

KEYS: trusted: Fix TPM reservation for seal/unseal

The original patch 8c657a0590de ("KEYS: trusted: Reserve TPM for seal and unseal operations") was correct on the mailing list:

https://lore.kernel.org/linux-integrity/20210128235621.127925-4-jarkko@kernel.org/

But somehow got rebased so that the tpm_try_get_ops() in tpm2_seal_trusted() got lost. This causes an imbalanced put of the TPM ops and causes oopses on TIS based hardware.

This fix puts back the lost tpm_try_get_ops()

Affected Software

VendorProductVersion RangeStatus
LinuxLinux67118bb78d72aab5b831f054a74ae856339a1974 < bf84ef2dd2ccdcd8f2658476d34b51455f970ce4affected
LinuxLinux498b8fc1cdc13b57b02dd28544b18323900fae10 < 39c8d760d44cb3fa0d67e8cd505df81cf4d80999affected
LinuxLinux8c657a0590de585b1115847c17b34a58025f2f4b < 9d5171eab462a63e2fbebfccf6026e92be018f20affected
LinuxLinux5.10.20 < 5.10.33affected
LinuxLinux5.11.3 < 5.11.17affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References