Race Condition in Linux Kernel TPM Proxy Leading to Potential Memory Corruption
CVE-2023-54309

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
30 December 2025

What is CVE-2023-54309?

In the Linux kernel, a race condition exists within the tpm_vtpm_proxy leading to the premature exposure of /dev/vtpmx before proper initialization of the workqueue, potentially resulting in memory corruption. This issue has been addressed by ensuring that the workqueue is initialized as the very first operation during the driver setup, enhancing the stability and security of the kernel.

Affected Version(s)

Linux 6f99612e250041a2402d3b1694bccb149cd424a4 < 509d21f1c4bb9d35d397fca3226165b156a7639f

Linux 6f99612e250041a2402d3b1694bccb149cd424a4 < 04e8697d26613ccea760cf57eb20a5a27f788c0f

Linux 6f99612e250041a2402d3b1694bccb149cd424a4 < 86b9820395f226b8f33cbae9599deebf8af1ce72

References

https://git.kernel.org/stable/c/509d21f1c4bb9d35d397fca32...
https://git.kernel.org/stable/c/04e8697d26613ccea760cf57e...
https://git.kernel.org/stable/c/86b9820395f226b8f33cbae95...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2023-54309 : Race Condition in Linux Kernel TPM Proxy Leading to Potential Memory Corruption