Linux Kernel Memory Leak Vulnerability in Trusted Keys TPM2 Command Loading

A memory leak vulnerability has been identified in the Linux kernel's handling of trusted keys, specifically within the TPM2 command loading function. The issue arises because the function 'tpm2_load_cmd' allocates a temporary blob through 'tpm2_key_decode', but fails to release it in certain error scenarios. This oversight has been corrected by introducing a cleanup helper to properly manage the memory. The vulnerability affects several versions of the Linux kernel.

Impact

Exploitation of this vulnerability leads to a memory leak, where allocated memory is not properly freed, potentially causing increased memory usage and degradation of system performance over time.

Reproduction

The vulnerability can be reproduced by invoking the 'tpm2_load_cmd' function in the 'trusted_tpm2.c' file of the Linux kernel's security keys trusted keys module. The function should be called in a way that triggers the failure paths, allowing the memory allocation to occur without being properly freed.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed. The specific commit that resolves this issue is available in the Linux kernel stable tree.