CVE-2024-49851

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://git.kernel.org/stable/c/2c9b228938e9266a1065a3f4fe5c99b7235dc439", "name": "https://git.kernel.org/stable/c/2c9b228938e9266a1065a3f4fe5c99b7235dc439", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/ebc4e1f4492d114f9693950621b3ea42b2f82bec", "name": "https://git.kernel.org/stable/c/ebc4e1f4492d114f9693950621b3ea42b2f82bec", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/c84ceb546f30432fccea4891163f7050f5bee5dd", "name": "https://git.kernel.org/stable/c/c84ceb546f30432fccea4891163f7050f5bee5dd", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/82478cb8a23bd4f97935bbe60d64528c6d9918b4", "name": "https://git.kernel.org/stable/c/82478cb8a23bd4f97935bbe60d64528c6d9918b4", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/adf4ce162561222338cf2c9a2caa294527f7f721", "name": "https://git.kernel.org/stable/c/adf4ce162561222338cf2c9a2caa294527f7f721", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/3f9f72d843c92fb6f4ff7460d774413cde7f254c", "name": "https://git.kernel.org/stable/c/3f9f72d843c92fb6f4ff7460d774413cde7f254c", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/e3aaebcbb7c6b403416f442d1de70d437ce313a7", "name": "https://git.kernel.org/stable/c/e3aaebcbb7c6b403416f442d1de70d437ce313a7", "tags": ["Patch"], "refsource": ""}, {"url": "https://git.kernel.org/stable/c/87e8134c18977b566f4ec248c8a147244da69402", "name": "https://git.kernel.org/stable/c/87e8134c18977b566f4ec248c8a147244da69402", "tags": [], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Clean up TPM space after command failure\n\ntpm_dev_transmit prepares the TPM space before attempting command\ntransmission. However if the command fails no rollback of this\npreparation is done. This can result in transient handles being leaked\nif the device is subsequently closed with no further commands performed.\n\nFix this by flushing the space in the event of command transmission\nfailure."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-459"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-49851", "ASSIGNER": "cve@kernel.org"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2024-10-21T13:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.11.2", "versionStartIncluding": "6.11"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.10.13", "versionStartIncluding": "6.7"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.6.54", "versionStartIncluding": "6.2"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "6.1.113", "versionStartIncluding": "5.16"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.15.168", "versionStartIncluding": "5.11"}, {"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "5.10.227", "versionStartIncluding": "4.12"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-11-08T16:15Z"}