drivers/gmjstcm: import CVE-2011-1160 CVE-2011-1162 fixes to tcm.c · Pull Request !2810 · openEuler/kernel

The kernel issue #I7TEYD:drivers/staging/gmjstcm/tcm.c中检测到同源漏洞 have reported 2 TCM(TPM like chip, by Nationz Technologies Inc.) driver CVE issues.
【Vulnerability information】
There may be information leakage vulnerabilities in the tcm_read function and tcm_open function in drivers/staging/gmjstcm/tcm.c
The tcm_read function did not set this memory to 0 after calling the copy_to_user function, causing the user to read the information in the last tcm instruction.
The tcm_open function does not set the memory block to 0 when allocating memory (kmalloc), which may lead to information leakage vulnerabilities.

Here are the two fixes for TPM:

CVE-2011-1160
commit 1309d7afbed1 ("char/tpm: Fix unitialized usage of data buffer")
CVE-2011-1162
commit 3321c07ae506 ("TPM: Zero buffer after copying to userspace")

Now we import and apply such 2 fixes to TCM1.0 driver in drivers/staging/gmjstcm/ dir.

#I9DTGV:CVE-2024-24898
#I9DTJS:CVE-2024-24891

GVPopenEuler/kernel

搜索帮助

GVP openEuler/kernel