CVE-2022-50562

Summary

In the Linux kernel, the following vulnerability has been resolved:

tpm: acpi: Call acpi_put_table() to fix memory leak

The start and length of the event log area are obtained from TPM2 or TCPA table, so we call acpi_get_table() to get the ACPI information, but the acpi_get_table() should be coupled with acpi_put_table() to release the ACPI memory, add the acpi_put_table() properly to fix the memory leak.

While we are at it, remove the redundant empty line at the end of the tpm_read_log_acpi().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0bfb23746052168620c5b52f49d8a47c3bb022fa < 8ddc48068ac85740d3d5f9f3b0b323e733a35b33affected
LinuxLinux0bfb23746052168620c5b52f49d8a47c3bb022fa < 638cd298dfebce46919cbd6cf1884701215f506daffected
LinuxLinux0bfb23746052168620c5b52f49d8a47c3bb022fa < 694a3d66f493afd77c704c6de91d9be4d6e004e4affected
LinuxLinux0bfb23746052168620c5b52f49d8a47c3bb022fa < bf31e3f8077af539feaf4e9bbf82e8eb51e7e5a8affected
LinuxLinux0bfb23746052168620c5b52f49d8a47c3bb022fa < 8740a12ca2e2959531ad253bac99ada338b33d80affected
LinuxLinux4.18affected
LinuxLinux0 < 4.18unaffected
LinuxLinux5.10.163 <= 5.10.*unaffected
LinuxLinux5.15.87 <= 5.15.*unaffected
LinuxLinux6.0.17 <= 6.0.*unaffected
LinuxLinux6.1.3 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References