4 matches found
CVE-2026-53210
In the Linux kernel, the following vulnerability has been resolved: tee: shm: fix shm leak in registershmhelper registershmhelper allocates shm before calling ioviternpages. If ioviternpages returns 0, the function jumps to errctxput and leaks shm. This can be triggered by TEEIOCSHMREGISTER with...
CVE-2026-53210
The CVE-2026-53210 issue is in the Linux kernel’s Trusted Execution Environment (TEE) subsystem. A shm leak occurs in register_shm_helper() when TEE_IOC_SHM_REGISTER registers a zero-length shared memory, because shm is allocated before iov_iter_npages() and not freed if it returns 0; the code pa...
CVE-2025-40031
CVE-2025-40031 affects the Linux kernel where in tee, register_shm_helper() was fixed to correct error handling for iov_iter_extract_pages. The bug could trigger a NULL pointer dereference after a bad input from ioctl(TEE_IOC_SHM_REGISTER) when parts of the buffer aren’t mapped, due to a missing ...
PT-2025-44099
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the register shm helper function related to incorrect error handling during a call to iov iter extract pages. Specifically, a missing case exists wher...