vulnerability

Ubuntu: (Multiple Advisories) (CVE-2024-58005): Linux kernel vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:L/AC:L/Au:S/C:N/I:N/A:C)	Feb 27, 2025	May 20, 2025	Jun 3, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

Feb 27, 2025

Added

May 20, 2025

Modified

Jun 3, 2025

Description

In the Linux kernel, the following vulnerability has been resolved:

tpm: Change to kvalloc() in eventlog/acpi.c

The following failure was reported on HPE ProLiant D320:

[ 10.693310][ T1] tpm_tis STM0925:00: 2.0 TPM (device-id 0x3, rev-id 0)
[ 10.848132][ T1] ------------[ cut here ]------------
[ 10.853559][ T1] WARNING: CPU: 59 PID: 1 at mm/page_alloc.c:4727 __alloc_pages_noprof+0x2ca/0x330
[ 10.862827][ T1] Modules linked in:
[ 10.866671][ T1] CPU: 59 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.12.0-lp155.2.g52785e2-default #1 openSUSE Tumbleweed (unreleased) 588cd98293a7c9eba9013378d807364c088c9375
[ 10.882741][ T1] Hardware name: HPE ProLiant DL320 Gen12/ProLiant DL320 Gen12, BIOS 1.20 10/28/2024
[ 10.892170][ T1] RIP: 0010:__alloc_pages_noprof+0x2ca/0x330
[ 10.898103][ T1] Code: 24 08 e9 4a fe ff ff e8 34 36 fa ff e9 88 fe ff ff 83 fe 0a 0f 86 b3 fd ff ff 80 3d 01 e7 ce 01 00 75 09 c6 05 f8 e6 ce 01 01 0b 45 31 ff e9 e5 fe ff ff f7 c2 00 00 08 00 75 42 89 d9 80 e1
[ 10.917750][ T1] RSP: 0000:ffffb7cf40077980 EFLAGS: 00010246
[ 10.923777][ T1] RAX: 0000000000000000 RBX: 0000000000040cc0 RCX: 0000000000000000
[ 10.931727][ T1] RDX: 0000000000000000 RSI: 000000000000000c RDI: 0000000000040cc0

The above transcript shows that ACPI pointed a 16 MiB buffer for the log
events because RSI maps to the 'order' parameter of __alloc_pages_noprof().
Address the bug by moving from devm_kmalloc() to devm_add_action() and
kvmalloc() and devm_add_action().

Solution(s)

ubuntu-upgrade-linux-image-5-15-0-1026-nvidia-tegra-igxubuntu-upgrade-linux-image-5-15-0-1026-nvidia-tegra-igx-rtubuntu-upgrade-linux-image-5-15-0-1037-nvidia-tegraubuntu-upgrade-linux-image-5-15-0-1037-nvidia-tegra-rtubuntu-upgrade-linux-image-5-15-0-1066-gkeopubuntu-upgrade-linux-image-5-15-0-1076-ibmubuntu-upgrade-linux-image-5-15-0-1077-intel-iot-realtimeubuntu-upgrade-linux-image-5-15-0-1078-nvidiaubuntu-upgrade-linux-image-5-15-0-1078-nvidia-lowlatencyubuntu-upgrade-linux-image-5-15-0-1078-raspiubuntu-upgrade-linux-image-5-15-0-1079-intel-iotgubuntu-upgrade-linux-image-5-15-0-1080-kvmubuntu-upgrade-linux-image-5-15-0-1081-gkeubuntu-upgrade-linux-image-5-15-0-1081-oracleubuntu-upgrade-linux-image-5-15-0-1083-gcpubuntu-upgrade-linux-image-5-15-0-1083-gcp-fipsubuntu-upgrade-linux-image-5-15-0-1084-awsubuntu-upgrade-linux-image-5-15-0-1084-aws-fipsubuntu-upgrade-linux-image-5-15-0-1084-realtimeubuntu-upgrade-linux-image-5-15-0-1089-azureubuntu-upgrade-linux-image-5-15-0-1089-azure-fipsubuntu-upgrade-linux-image-5-15-0-140-fipsubuntu-upgrade-linux-image-5-15-0-140-genericubuntu-upgrade-linux-image-5-15-0-140-generic-64kubuntu-upgrade-linux-image-5-15-0-140-generic-lpaeubuntu-upgrade-linux-image-5-15-0-140-lowlatencyubuntu-upgrade-linux-image-5-15-0-140-lowlatency-64kubuntu-upgrade-linux-image-6-11-0-1010-realtimeubuntu-upgrade-linux-image-6-11-0-1013-raspiubuntu-upgrade-linux-image-6-11-0-1014-awsubuntu-upgrade-linux-image-6-11-0-1014-lowlatencyubuntu-upgrade-linux-image-6-11-0-1014-lowlatency-64kubuntu-upgrade-linux-image-6-11-0-1015-azureubuntu-upgrade-linux-image-6-11-0-1015-azure-fdeubuntu-upgrade-linux-image-6-11-0-1015-gcpubuntu-upgrade-linux-image-6-11-0-1015-gcp-64kubuntu-upgrade-linux-image-6-11-0-1016-oracleubuntu-upgrade-linux-image-6-11-0-1016-oracle-64kubuntu-upgrade-linux-image-6-11-0-1022-oemubuntu-upgrade-linux-image-6-11-0-26-genericubuntu-upgrade-linux-image-6-11-0-26-generic-64kubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-aws-fipsubuntu-upgrade-linux-image-aws-lts-22-04ubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-cvmubuntu-upgrade-linux-image-azure-fdeubuntu-upgrade-linux-image-azure-fipsubuntu-upgrade-linux-image-azure-lts-22-04ubuntu-upgrade-linux-image-fipsubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-64kubuntu-upgrade-linux-image-gcp-fipsubuntu-upgrade-linux-image-gcp-lts-22-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-hwe-24-04ubuntu-upgrade-linux-image-generic-hwe-24-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-gke-5-15ubuntu-upgrade-linux-image-gkeopubuntu-upgrade-linux-image-gkeop-5-15ubuntu-upgrade-linux-image-ibmubuntu-upgrade-linux-image-intelubuntu-upgrade-linux-image-intel-iot-realtimeubuntu-upgrade-linux-image-intel-iotgubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-64kubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-64k-hwe-24-04ubuntu-upgrade-linux-image-lowlatency-hwe-20-04ubuntu-upgrade-linux-image-lowlatency-hwe-24-04ubuntu-upgrade-linux-image-nvidiaubuntu-upgrade-linux-image-nvidia-lowlatencyubuntu-upgrade-linux-image-nvidia-tegraubuntu-upgrade-linux-image-nvidia-tegra-igxubuntu-upgrade-linux-image-nvidia-tegra-igx-rtubuntu-upgrade-linux-image-nvidia-tegra-rtubuntu-upgrade-linux-image-oem-24-04bubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-64kubuntu-upgrade-linux-image-oracle-lts-22-04ubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-raspi-nolpaeubuntu-upgrade-linux-image-realtimeubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-24-04

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today