CVE-2025-68792

UNKNOWN 0.0

tpm2-sessions: Fix out of range indexing in name_size

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in name_size 'name_size' does not have any range checks, and it just directly indexes with TPM_ALG_ID, which could lead into memory corruption at worst. Address the issue by only processing known values and returning -EINVAL for unrecognized values. Make also 'tpm_buf_append_name' and 'tpm_buf_fill_hmac_session' fallible so that errors are detected before causing any spurious TPM traffic. End also the authorization session on failure in both of the functions, as the session state would be then by definition corrupted.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	Jan 13, 2026
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

1085b8276bb4239daa7008f0dcd5c973e4bd690f < 47e676ce4d68f461dfcab906f6aeb254f7276deb 1085b8276bb4239daa7008f0dcd5c973e4bd690f < 04a3aa6e8c5f878cc51a8a1c90b6d3c54079bc43 1085b8276bb4239daa7008f0dcd5c973e4bd690f < 6e9722e9a7bfe1bbad649937c811076acf86e1fd

Linux / Linux

6.10

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/47e676ce4d68f461dfcab906f6aeb254f7276deb git.kernel.org: https://git.kernel.org/stable/c/04a3aa6e8c5f878cc51a8a1c90b6d3c54079bc43 git.kernel.org: https://git.kernel.org/stable/c/6e9722e9a7bfe1bbad649937c811076acf86e1fd