CVE-2025-68792

An out-of-bounds array indexing flaw was found in the Linux kernel's TPM2 session handling code. The namesize lookup function uses TPMALGID values directly as array indices without bounds checking. An unrecognized algorithm ID could cause out-of-bounds memory access, potentially leading to memory...

CVE-2025-68792

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in namesize 'namesize' does not have any range checks, and it just directly indexes with TPMALGID, which could lead into memory corruption at worst. Address the issue by only processing...