PT-2025-18403 · Linux+5 · Linux Kernel+5

Published

2025-02-07

·

Updated

2026-04-20

·

CVE-2025-23149

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version
Description A vulnerability in the Linux kernel has been resolved. The issue arises when checking TPM CHIP FLAG SUSPENDED after the call to tpm find get ops(), which can lead to a spurious tpm chip start() call. This results in a warning and potential issues with the TPM chip. The vulnerability is related to the tpm cr50 i2c transfer message, tpm cr50 i2c read, and tpm cr50 request locality functions.
Recommendations To resolve the issue, update the Linux kernel to a version that includes the fix for this vulnerability. As a temporary workaround, consider disabling the tpm chip start() function until a patch is available. Restrict access to the vulnerable tpm cr50 i2c transfer message, tpm cr50 i2c read, and tpm cr50 request locality functions to minimize the risk of exploitation.

Exploit

Fix

Weakness Enumeration

CWE-99

Related Identifiers

BDU:2025-12311
CVE-2025-23149
OESA-2025-1729
OESA-2025-1730
OESA-2025-1870
SUSE-SU-2025:01964-1
SUSE-SU-2025:01965-1
SUSE-SU-2025:02000-1
SUSE-SU-2025:02254-1
SUSE-SU-2025:02307-1
SUSE-SU-2025:02333-1
SUSE-SU-2025:02334-1
SUSE-SU-2025:02923-1
SUSE-SU-2025:20408-1
SUSE-SU-2025:20413-1
SUSE-SU-2025:20419-1
SUSE-SU-2025:20421-1
SUSE-SU-2025_01964-1
SUSE-SU-2025_01965-1
SUSE-SU-2025_02000-1
SUSE-SU-2025_02254-1
SUSE-SU-2025_02307-1
SUSE-SU-2025_02333-1
SUSE-SU-2025_02334-1
USN-7594-1
USN-7594-2
USN-7594-3
USN-8028-1
USN-8028-2
USN-8028-3
USN-8028-4
USN-8028-5
USN-8028-6
USN-8028-7
USN-8028-8
USN-8031-1
USN-8031-2
USN-8031-3
USN-8052-1
USN-8052-2
USN-8074-1
USN-8074-2
USN-8126-1

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu