TPM-Sniffing LUKS Keys on an Embedded Linux Device [CVE-2026-0714]
Tiberium
19 points
8 comments
March 01, 2026
Related Discussions
Found 5 related stories in 85.2ms across 8,303 title embeddings via pgvector HNSW
- New Linux LPE, 5.10 and above (ptrace_may_access mm-NULL + pidfd_getfd) Tiberium · 17 pts · May 15, 2026 · 57% similar
- Intel SGX: Global Wrapping Key Extracted fogzen · 11 pts · April 01, 2026 · 54% similar
- CVE-2026-3888: Important Snap Flaw Enables Local Privilege Escalation to Root askl · 118 pts · March 18, 2026 · 53% similar
- Dirtyfrag: Universal Linux LPE flipped · 539 pts · May 07, 2026 · 52% similar
- 'Dirty Frag' exploit leaks out, gives root on most Linux machines lschueller · 15 pts · May 08, 2026 · 51% similar
Discussion Highlights (2 comments)
Tiberium
Relevant: https://lkml.org/lkml/2025/8/14/1583 , https://lore.kernel.org/linux-integrity/20250825203223.62951... (Disables TCG_TPM2_HMAC by default)
eqvinox
Not exactly surprising; unless you establish some type of shared secret between the TPM and CPU (e.g. by burning it into fuses in both devices, or through some signature scheme), the bus connecting the two will always be a problem…