CVE-2011-1160

Priority
Description
The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before
2.6.39 does not initialize a certain buffer, which allows local users to
obtain potentially sensitive information from kernel memory via unspecified
vectors.
Ubuntu-Description
Peter Huewe discovered that the TPM device did not correctly initialize
memory. A local attacker could exploit this to read kernel heap memory
contents, leading to a loss of privacy.
Notes
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.39~rc1)
Patches:
Introduced by
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by
1309d7afbed112f0e8e90be9af975550caa0076b
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
Package
Upstream:released (2.6.39~rc1)
More Information

Updated: 2019-12-05 20:56:49 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)