TPM-Sniffing LUKS Keys on an Embedded Linux Device [CVE-2026-0714]
Tiberium
19 points
8 comments
March 01, 2026
Related Discussions
Found 5 related stories in 393.7ms across 14,015 title embeddings via pgvector HNSW
- New Linux LPE, 5.10 and above (ptrace_may_access mm-NULL + pidfd_getfd) Tiberium · 17 pts · May 15, 2026 · 57% similar
- Intel SGX: Global Wrapping Key Extracted fogzen · 11 pts · April 01, 2026 · 54% similar
- Since Linux 6.9, LUKS suspend stopped wiping disk-encryption keys from memory IngoBlechschmid · 436 pts · July 02, 2026 · 54% similar
- Incident CVE-2026-LGTM mooreds · 529 pts · June 26, 2026 · 54% similar
- CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root askl · 118 pts · March 18, 2026 · 53% similar
Discussion Highlights (2 comments)
Tiberium
Relevant: https://lkml.org/lkml/2025/8/14/1583 , https://lore.kernel.org/linux-integrity/20250825203223.62951... (Disables TCG_TPM2_HMAC by default)
eqvinox
Not exactly surprising; unless you establish some type of shared secret between the TPM and CPU (e.g. by burning it into fuses in both devices, or through some signature scheme), the bus connecting the two will always be a problem…