PT-2024-5398 · Linux+6 · Linux Kernel+6

Carol Soto

Published

2024-05-28

Updated

2025-09-29

CVE-2024-36477

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the TPM SPI transfer mechanism in the Linux kernel, which does not account for the 4 bytes of header that prepends the SPI data frame. This can result in out-of-bounds accesses and was confirmed with KASAN. The introduction of SPI HDRSIZE is intended to account for the header and allocate the transfer buffer correctly.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2024-10855

ALT-PU-2024-13979

ALT-PU-2024-14046

AZL-42829

AZL-42857

BDU:2024-06042

CVE-2024-36477

INFSA-2024_9315

MGASA-2024-0263

MGASA-2024-0266

OESA-2024-1766

OPENSUSE-SU-2024_2372-1

OPENSUSE-SU-2024_2394-1

RHSA-2024:9315

RHSA-2024_9315

SUSE-SU-2024:2372-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2571-1

SUSE-SU-2024:2896-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

USN-6999-1

USN-6999-2

USN-7004-1

USN-7008-1

USN-7029-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2024-5398 · Linux+6 · Linux Kernel+6

CVE-2024-36477

Weakness Enumeration

Related Identifiers

Affected Products

References · 2857