| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Sep 2021 22:53:50 +0200
From: Lino Sanfilippo <LinoSanfilippo@....de>
To: Jarkko Sakkinen <jarkko@...nel.org>
Cc: peterhuewe@....de, jgg@...pe.ca, p.rosenberger@...bus.com,
linux-integrity@...r.kernel.org, linux-kernel@...r.kernel.org,
stable@...r.kernel.org
Subject: Aw: Re: [PATCH] tpm: fix potential NULL pointer access in
tpm_del_char_device()
Hi,
> Gesendet: Montag, 13. September 2021 um 22:25 Uhr
> Von: "Jarkko Sakkinen" <jarkko@...nel.org>
> An: "Lino Sanfilippo" <LinoSanfilippo@....de>, peterhuewe@....de, jgg@...pe.ca
> Cc: p.rosenberger@...bus.com, linux-integrity@...r.kernel.org, linux-kernel@...r.kernel.org, stable@...r.kernel.org
> Betreff: Re: [PATCH] tpm: fix potential NULL pointer access in tpm_del_char_device()
>
> On Fri, 2021-09-10 at 20:04 +0200, Lino Sanfilippo wrote:
> > In tpm_del_char_device() make sure that chip->ops is still valid.
> > This check is needed since in case of a system shutdown
> > tpm_class_shutdown() has already been called and set chip->ops to NULL.
> > This leads to a NULL pointer access as soon as tpm_del_char_device()
> > tries to access chip->ops in case of TPM 2.
> >
> > Fixes: dcbeab1946454 ("tpm: fix crash in tpm_tis deinitialization")
> > Cc: stable@...r.kernel.org
> > Signed-off-by: Lino Sanfilippo <LinoSanfilippo@....de>
> > ---
>
> Have you been able to reproduce this in some environment?
>
> /Jarkko
>
>
Yes, this bug is reproducable on my system that is running a 5.10 raspberry kernel.
I use a SLB 9670 which is connected via SPI.
Regards,
Lino
Powered by blists - more mailing lists