Peter Huewe

**Name of the Vulnerable Software and Affected Versions** Linux kernel version 2.6 **Description** The issue is related to the `tpm read` function in the Linux kernel, which does not properly clear memory. This might allow local users to read the results of the previous TPM command. **Recommendations** For Linux kernel version 2.6, consider applying a patch that properly clears memory after the `tpm read` function is executed, or update to a newer version that includes this fix. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 2.6.39 **Description** The issue is related to the tpm open function in the Linux kernel, which does not properly initialize a certain buffer. This allows local users to potentially obtain sensitive information from kernel memory. **Recommendations** For versions prior to 2.6.39, update to version 2.6.39 or later to resolve the issue.