CVE-2024-42255
📋 TL;DR
This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's TPM (Trusted Platform Module) subsystem. When TCG_TPM2_HMAC is enabled, an uninitialized 'auth' pointer can be dereferenced before a NULL check, potentially causing kernel crashes or denial of service. This affects Linux systems with TPM2 hardware security modules enabled.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially disrupting critical operations on affected systems.
Likely Case
System crash or kernel panic requiring reboot, causing temporary service disruption.
If Mitigated
Minimal impact if systems have proper monitoring and redundancy; crashes would be detected and systems automatically recovered.
🎯 Exploit Status
Requires ability to trigger TPM operations, typically needs local access or compromised process with TPM access permissions.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees (commits 7dc357d343f134bf59815ff6098b93503ec8a23b and b9afbb9a0c734197c59c43610071041044bf1562)
Vendor Advisory: https://git.kernel.org/stable/c/7dc357d343f134bf59815ff6098b93503ec8a23b
Restart Required: Yes
Instructions:
1. Update to patched kernel version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.
🔧 Temporary Workarounds
Disable TPM2 HMAC sessions
linuxDisable TCG_TPM2_HMAC feature if not required
echo 'blacklist tpm' >> /etc/modprobe.d/blacklist-tpm.conf
update-initramfs -u
reboot
🧯 If You Can't Patch
- Restrict TPM device access permissions to trusted users only
- Implement system monitoring for kernel panics and automatic recovery procedures
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if TPM2 is enabled: 'lsmod | grep tpm' and 'dmesg | grep -i tpm'Check Version:
uname -rVerify Fix Applied:
Verify kernel version after update and check system logs for TPM-related errors: 'uname -r' and 'journalctl -k | grep -i tpm'📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- NULL pointer dereference errors in kernel logs
- TPM subsystem crash logs
Network Indicators:
- None - this is a local vulnerability
SIEM Query:
source="kernel" AND ("NULL pointer dereference" OR "kernel panic" OR "TPM")