In the Linux kernel, the following vulnerability has been resolved:
tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public()
tpm2_read_public() calls tpm_buf_init() but fails to call
tpm_buf_destroy() on two exit paths, leaking a page allocation:
1. When name_size() returns an error (unrecognized hash algorithm),
the function returns directly without destroying the buffer.
2. On the success path, the buffer is never destroyed before
returning.
All other error paths in the function correctly call
tpm_buf_destroy() before returning.
Fix both by adding the missing tpm_buf_destroy() calls.
References
Configurations
Configuration 1 (hide)
|
History
25 Jun 2026, 21:17
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://git.kernel.org/stable/c/2f434be87e256fd58254f60ddf5d7d58e775ca0b - Patch | |
| References | () https://git.kernel.org/stable/c/f0f75a3d98b7959a8677b6363e23190f3018636b - Patch | |
| References | () https://git.kernel.org/stable/c/f8775d9d9062da662cc861f9ff7722a65896d4cd - Patch | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
| First Time |
Linux linux Kernel
Linux |
|
| CWE | NVD-CWE-noinfo | |
| CPE | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
27 May 2026, 14:17
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-05-27 14:17
Updated : 2026-06-25 21:17
NVD link : CVE-2026-46096
Mitre link : CVE-2026-46096
CVE.ORG link : CVE-2026-46096
JSON object : View
Products Affected
linux
- linux_kernel
CWE
