CVE-2025-71147 PUBLISHED

KEYS: trusted: Fix a memory leak in tpm2_load_cmd

Assigner: Linux
Reserved: 13.01.2026 Published: 23.01.2026 Updated: 23.01.2026

In the Linux kernel, the following vulnerability has been resolved:

KEYS: trusted: Fix a memory leak in tpm2_load_cmd

'tpm2_load_cmd' allocates a tempoary blob indirectly via 'tpm2_key_decode' but it is not freed in the failure paths. Address this by wrapping the blob into with a cleanup helper.

Product Status

Vendor Linux
Product Linux
Versions Default: unaffected
  • affected from f2219745250f388edacabe6cca73654131c67d0a to 3fd7df4636d8fd5e3592371967a5941204368936 (excl.)
  • affected from f2219745250f388edacabe6cca73654131c67d0a to af0689cafb127a8d1af78cc8b72585c9b2a19ecd (excl.)
  • affected from f2219745250f388edacabe6cca73654131c67d0a to 19166de9737218b77122c41a5730ac87025e089f (excl.)
  • affected from f2219745250f388edacabe6cca73654131c67d0a to 9b015f2918b95bdde2ca9cefa10ef02b138aae1e (excl.)
  • affected from f2219745250f388edacabe6cca73654131c67d0a to 9e7c63c69f57b1db1a8a1542359a6167ff8fcef1 (excl.)
  • affected from f2219745250f388edacabe6cca73654131c67d0a to 62cd5d480b9762ce70d720a81fa5b373052ae05f (excl.)
Vendor Linux
Product Linux
Versions Default: affected
  • Version 5.13 is affected
  • unaffected from 0 to 5.13 (excl.)
  • unaffected from 5.15.198 to 5.15.* (incl.)
  • unaffected from 6.1.160 to 6.1.* (incl.)
  • unaffected from 6.6.120 to 6.6.* (incl.)
  • unaffected from 6.12.64 to 6.12.* (incl.)
  • unaffected from 6.18.3 to 6.18.* (incl.)
  • unaffected from 6.19-rc1 to * (incl.)

References