Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2026/05/27 5:0 p.m.12 views

CVE-2026-46096

A flaw was found in the Linux kernel's tpm2-sessions component. The tpm2readpublic function fails to properly destroy a buffer on certain exit paths, leading to a page allocation leak. This resource exhaustion could allow a local attacker to cause a Denial of Service DoS...

5.5CVSS6AI score0.00121EPSS
Exploits0References4
OSV
OSV
added 2026/05/27 2:17 p.m.5 views

UBUNTU-CVE-2026-46096

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix missing tpmbufdestroy in tpm2readpublic tpm2readpublic calls tpmbufinit but fails to call tpmbufdestroy on two exit paths, leaking a page allocation: 1. When namesize returns an error unrecognized hash algorith...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/27 12:58 p.m.43 views

CVE-2026-46096 tpm2-sessions: Fix missing tpm_buf_destroy() in tpm2_read_public()

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix missing tpmbufdestroy in tpm2readpublic tpm2readpublic calls tpmbufinit but fails to call tpmbufdestroy on two exit paths, leaking a page allocation: 1. When namesize returns an error unrecognized hash algorith...

0.00121EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 12:58 p.m.23 views

CVE-2026-46096

CVE-2026-46096 affects the Linux kernel TPM subsystem. The root cause is a leak in tpm2_read_public where tpm_buf_destroy() is missing on two exit paths after tpm_buf_init(), leaking a page allocation. The fix adds missing tpm_buf_destroy() calls on those exit paths, correcting both the error pat...

5.5CVSS5.9AI score0.00121EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 12:58 p.m.12 views

CVE-2026-46096

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix missing tpmbufdestroy in tpm2readpublic tpm2readpublic calls tpmbufinit but fails to call tpmbufdestroy on two exit paths, leaking a page allocation: 1. When namesize returns an error unrecognized hash algorith...

5.5CVSS5.8AI score0.00121EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.20 views

PT-2026-43964

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the tpm2 read public function within the tpm2-sessions module. The function calls tpm buf init to allocate a page but fails to call tpm buf destroy to release it ...

5.5CVSS6.1AI score0.00121EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-46096

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tpm2-sessions: Fix missing tpmbufdestroy in tpm2readpublic tpm2readpublic calls tpmbufinit but fails to call tpmbufdestroy on two exit paths, leaking a page...

5.5CVSS6.2AI score0.00121EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.13 views

CVE-2026-46096

tpm2-sessions: Fix missing tpmbufdestroy in tpm2readpublic...

5.8AI score0.00121EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:24 a.m.6 views

SUSE CVE-2018-16419

Several buffer overflows when handling responses from a Cryptoflex card in readpublickey in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...

4.3CVSS8AI score0.00692EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2019/08/06 12:30 p.m.3 views

opensc: Buffer overflow handling responses from Cryptoflex cards in cryptoflex-tool.c:read_public_key()

Several buffer overflows when handling responses from a Cryptoflex card in readpublickey in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...

6.6CVSS6AI score0.00692EPSS
Exploits1References5
OSV
OSV
added 2018/09/04 12:29 a.m.1 views

DEBIAN-CVE-2018-16419

Several buffer overflows when handling responses from a Cryptoflex card in readpublickey in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...

6.6CVSS7.4AI score0.00692EPSS
Exploits1References1
CNVD
CNVD
added 2018/09/04 12:0 a.m.1 views

OpenSC Buffer Overflow Vulnerability (CNVD-2019-28624)

OpenSC is an open source smart card tool and middleware. A buffer overflow vulnerability exists in the 'readpublickey' function in the tools/cryptoflex-tool.c file in versions prior to OpenSC 0.19.0-rc1. An attacker could use this vulnerability to cause a denial of service application crash with...

6.6CVSS6.6AI score0.00692EPSS
Exploits1References1
Rows per page
Query Builder