{ "threat_severity" : "Low", "public_date" : "2025-12-24T00:00:00Z", "bugzilla" : { "description" : "kernel: tpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site", "id" : "2425056", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2425056" }, "cvss3" : { "cvss3_base_score" : "4.4", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-414", "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\ntpm: Add !tpm_amd_is_rng_defective() to the hwrng_unregister() call site\nThe following crash was reported:\n[ 1950.279393] list_del corruption, ffff99560d485790->next is NULL\n[ 1950.279400] ------------[ cut here ]------------\n[ 1950.279401] kernel BUG at lib/list_debug.c:49!\n[ 1950.279405] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n[ 1950.279407] CPU: 11 PID: 5886 Comm: modprobe Tainted: G O 6.2.8_1 #1\n[ 1950.279409] Hardware name: Gigabyte Technology Co., Ltd. B550M AORUS PRO-P/B550M AORUS PRO-P,\nBIOS F15c 05/11/2022\n[ 1950.279410] RIP: 0010:__list_del_entry_valid+0x59/0xc0\n[ 1950.279415] Code: 48 8b 01 48 39 f8 75 5a 48 8b 72 08 48 39 c6 75 65 b8 01 00 00 00 c3 cc cc cc\ncc 48 89 fe 48 c7 c7 08 a8 13 9e e8 b7 0a bc ff <0f> 0b 48 89 fe 48 c7 c7 38 a8 13 9e e8 a6 0a bc\nff 0f 0b 48 89 fe\n[ 1950.279416] RSP: 0018:ffffa96d05647e08 EFLAGS: 00010246\n[ 1950.279418] RAX: 0000000000000033 RBX: ffff99560d485750 RCX: 0000000000000000\n[ 1950.279419] RDX: 0000000000000000 RSI: ffffffff9e107c59 RDI: 00000000ffffffff\n[ 1950.279420] RBP: ffffffffc19c5168 R08: 0000000000000000 R09: ffffa96d05647cc8\n[ 1950.279421] R10: 0000000000000003 R11: ffffffff9ea2a568 R12: 0000000000000000\n[ 1950.279422] R13: ffff99560140a2e0 R14: ffff99560127d2e0 R15: 0000000000000000\n[ 1950.279422] FS: 00007f67da795380(0000) GS:ffff995d1f0c0000(0000) knlGS:0000000000000000\n[ 1950.279424] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1950.279424] CR2: 00007f67da7e65c0 CR3: 00000001feed2000 CR4: 0000000000750ee0\n[ 1950.279426] PKRU: 55555554\n[ 1950.279426] Call Trace:\n[ 1950.279428] \n[ 1950.279430] hwrng_unregister+0x28/0xe0 [rng_core]\n[ 1950.279436] tpm_chip_unregister+0xd5/0xf0 [tpm]\nAdd the forgotten !tpm_amd_is_rng_defective() invariant to the\nhwrng_unregister() call site inside tpm_chip_unregister()." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-11-07T00:00:00Z", "advisory" : "RHSA-2023:6583", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-362.8.1.el9_3" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2023-11-07T00:00:00Z", "advisory" : "RHSA-2023:6583", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-362.8.1.el9_3" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-54073\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-54073\nhttps://lore.kernel.org/linux-cve-announce/2025122432-CVE-2023-54073-249f@gregkh/T" ], "name" : "CVE-2023-54073", "csaw" : false }