CVE-2026-46096

UNKNOWN 0.0

tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public()

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public() tpm2_read_public() calls tpm_buf_init() but fails to call tpm_buf_destroy() on two exit paths, leaking a page allocation: 1. When name_size() returns an error (unrecognized hash algorithm), the function returns directly without destroying the buffer. 2. On the success path, the buffer is never destroyed before returning. All other error paths in the function correctly call tpm_buf_destroy() before returning. Fix both by adding the missing tpm_buf_destroy() calls.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	May 27, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

20eda7c74b69fe9e1caf9b930a5c016bf8d755fa < f8775d9d9062da662cc861f9ff7722a65896d4cd bda1cbf73c6e241267c286427f2ed52b5735d872 < 2f434be87e256fd58254f60ddf5d7d58e775ca0b bda1cbf73c6e241267c286427f2ed52b5735d872 < f0f75a3d98b7959a8677b6363e23190f3018636b a3b7eb67225c486a2da357c5db3e386f4e64bcde 6.18.3 < 6.18.27 6.12.64 < 6.13

Linux / Linux

6.19

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/stable/c/f8775d9d9062da662cc861f9ff7722a65896d4cd git.kernel.org: https://git.kernel.org/stable/c/2f434be87e256fd58254f60ddf5d7d58e775ca0b git.kernel.org: https://git.kernel.org/stable/c/f0f75a3d98b7959a8677b6363e23190f3018636b