CVE-2025-71147
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
KEYS: trusted: Fix a memory leak in tpm2_load_cmd
'tpm2_load_cmd' allocates a tempoary blob indirectly via 'tpm2_key_decode' but it is not freed in the failure paths. Address this by wrapping the blob into with a cleanup helper.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | f2219745250f388edacabe6cca73654131c67d0a < 3fd7df4636d8fd5e3592371967a5941204368936 | affected |
| Linux | Linux | f2219745250f388edacabe6cca73654131c67d0a < af0689cafb127a8d1af78cc8b72585c9b2a19ecd | affected |
| Linux | Linux | f2219745250f388edacabe6cca73654131c67d0a < 19166de9737218b77122c41a5730ac87025e089f | affected |
| Linux | Linux | f2219745250f388edacabe6cca73654131c67d0a < 9b015f2918b95bdde2ca9cefa10ef02b138aae1e | affected |
| Linux | Linux | f2219745250f388edacabe6cca73654131c67d0a < 9e7c63c69f57b1db1a8a1542359a6167ff8fcef1 | affected |
| Linux | Linux | f2219745250f388edacabe6cca73654131c67d0a < 62cd5d480b9762ce70d720a81fa5b373052ae05f | affected |
| Linux | Linux | 5.13 | affected |
| Linux | Linux | 0 < 5.13 | unaffected |
| Linux | Linux | 5.15.198 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.160 <= 6.1.* | unaffected |
| Linux | Linux | 6.6.120 <= 6.6.* | unaffected |
| Linux | Linux | 6.12.64 <= 6.12.* | unaffected |
| Linux | Linux | 6.18.3 <= 6.18.* | unaffected |
| Linux | Linux | 6.19 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/3fd7df4636d8fd5e3592371967a5941204368936
- https://git.kernel.org/stable/c/af0689cafb127a8d1af78cc8b72585c9b2a19ecd
- https://git.kernel.org/stable/c/19166de9737218b77122c41a5730ac87025e089f
- https://git.kernel.org/stable/c/9b015f2918b95bdde2ca9cefa10ef02b138aae1e
- https://git.kernel.org/stable/c/9e7c63c69f57b1db1a8a1542359a6167ff8fcef1
- https://git.kernel.org/stable/c/62cd5d480b9762ce70d720a81fa5b373052ae05f
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.