CVE-2024-58005

5.5 MEDIUM

📋 TL;DR

This CVE covers a memory allocation defect in the Linux kernel's TPM (Trusted Platform Module) event log handling. The kernel attempts to allocate a 16 MiB buffer for the ACPI-provided event log with kmalloc; on systems with memory constraints the allocation can fail, producing kernel warnings or system instability. Systems running affected kernel versions with a TPM enabled are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions are not explicitly stated; the issue appears to be present in kernel versions around 6.12.0 and potentially in earlier versions with similar TPM event log handling code.
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires TPM hardware and ACPI event logging to be enabled. The vulnerability was specifically observed on HPE ProLiant D320/DL320 Gen12 systems but may affect other systems with similar configurations.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic or system crash due to failed memory allocation, leading to denial of service and potential data loss.

🟠 Likely Case: Kernel warning messages in system logs and potential system instability or performance degradation during TPM operations.

🟢 If Mitigated: Minor performance impact during TPM event log processing with proper memory allocation.

🌐 Internet-Facing: LOW - This vulnerability requires local access to trigger and does not provide remote exploitation capabilities.
🏢 Internal Only: MEDIUM - Local attackers or malicious processes could potentially trigger the allocation failure, causing system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM - Requires local access and ability to trigger TPM event log operations.

This appears to be a reliability/DoS issue rather than a security vulnerability with privilege escalation or code execution capabilities. The CVSS score of 5.5 suggests moderate impact.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel commits: 0621d2599d6e02d05c85d6bbd58eaea2f15b3503, 422d7f4e8d817be467986589c7968d3ea402f7da, 4c8bfe643bbd00b04ee8f9545ef33bf6a68c38db, 50365a6304a57266e8f4d3078060743c3b7a1e0d, 77779d1258a287f2c5c2c6aeae203e0996209c77

Vendor Advisory: https://git.kernel.org/stable/c/0621d2599d6e02d05c85d6bbd58eaea2f15b3503

Restart Required: Yes

Instructions:

1. Update to a kernel version containing the fix commits.
2. Check your distribution's security advisories for backported patches.
3. Reboot the system after the kernel update.

🔧 Temporary Workarounds

Disable TPM event logging (linux)

Prevent the vulnerable code path by disabling TPM event logging in ACPI:

echo 0 > /sys/kernel/security/tpm/eventlog

Note: This may reduce TPM functionality and logging capabilities.

🧯 If You Can't Patch

  • Monitor system logs for TPM-related allocation warnings and restart affected services if instability occurs
  • Ensure adequate system memory is available to reduce likelihood of allocation failures

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and look for TPM allocation warnings in dmesg:

dmesg | grep -i "tpm\|alloc_pages"

Check Version:

uname -r

Verify Fix Applied:

Verify that the kernel version includes the fix commits:

grep -r "0621d2599d6e02d05c85d6bbd58eaea2f15b3503" /boot/System.map* || uname -r

📡 Detection & Monitoring

Log Indicators:

  • WARNING: CPU: PID: at mm/page_alloc.c:4727 __alloc_pages_noprof
  • tpm_tis.*TPM.*device-id
  • ACPI pointed a 16 MiB buffer for the log events

Network Indicators:

  • None - this is a local memory allocation issue

SIEM Query:

source="kernel" AND ("__alloc_pages_noprof" OR "tpm_tis" OR "16 MiB buffer")
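As an added example (not part of this page or of the kernel project), the Python below correlates the page_alloc warning with the TPM indicators listed above rather than alerting on either alone, which the OR-query does for every large-allocation warning and every TPM probe line. The dmesg excerpt is constructed, and the four-line correlation window and the exact line formats are assumptions.

```python
import re
from dataclasses import dataclass

# Indicators taken from the Detection & Monitoring section above.
PAGE_ALLOC_WARNING = re.compile(r"WARNING: CPU: \d+ PID: \d+ at mm/page_alloc\.c:\d+ __alloc_pages_noprof")
TPM_PROBE = re.compile(r"tpm_tis.*TPM.*device-id")
EVENTLOG_HINT = re.compile(r"16 MiB buffer for the log events")

# Constructed dmesg excerpt (not a real capture): one warning raised while the
# TPM driver was probing, and a second, unrelated large-allocation warning.
SAMPLE_DMESG = """\
[    0.812345] tpm_tis MSFT0101:00: 2.0 TPM (device-id 0xFC, rev-id 1)
[    0.812900] ------------[ cut here ]------------
[    0.812910] WARNING: CPU: 0 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x350
[    0.812950] ACPI pointed a 16 MiB buffer for the log events
[    0.813000] ---[ end trace 0000000000000000 ]---
[   42.000001] usb 1-1: new high-speed USB device number 2 using xhci_hcd
[   42.250000] random: crng init done
[   95.100000] ------------[ cut here ]------------
[   95.100010] WARNING: CPU: 2 PID: 1337 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x350
[   95.100050] ---[ end trace 0000000000000000 ]---
"""

@dataclass
class Finding:
    line_no: int   # 1-based line of the WARNING in the input
    context: str   # the TPM/event-log line that justified the correlation

def find_tpm_eventlog_alloc_warnings(lines, window=4):
    """Return one Finding per page_alloc warning that has a TPM probe or the
    event-log size message within `window` lines of it.  Large-allocation
    warnings from other subsystems are skipped so the alert stays quiet."""
    findings = []
    for i, line in enumerate(lines):
        if not PAGE_ALLOC_WARNING.search(line):
            continue
        lo, hi = max(0, i - window), min(len(lines), i + window + 1)
        for j in range(lo, hi):
            if j != i and (TPM_PROBE.search(lines[j]) or EVENTLOG_HINT.search(lines[j])):
                findings.append(Finding(i + 1, lines[j].strip()))
                break
    return findings

def scan_dmesg(text, window=4):
    """Convenience wrapper: split captured dmesg output into lines and scan it."""
    return find_tpm_eventlog_alloc_warnings(text.splitlines(), window)
```

Running `scan_dmesg(SAMPLE_DMESG)` reports only the warning on line 3; the second warning has no TPM context nearby and is ignored.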
