CVE-2026-53210

In the Linux kernel, CVE-2026-53210 fixes a shm leak in register_shm_helper() within the TEE SHM path. The function allocates shm before calling iov_iter_npages(); if iov_iter_npages() returns 0, it jumps to err_ctx_put and leaks the allocated shm. The issue could be triggered by TEE_IOC_SHM_REGI...

EUVD-2026-39301

In the Linux kernel, the following vulnerability has been resolved: tee: shm: fix shm leak in registershmhelper registershmhelper allocates shm before calling ioviternpages. If ioviternpages returns 0, the function jumps to errctxput and leaks shm. This can be triggered by TEEIOCSHMREGISTER with...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.10, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tee: Fix NULL pointer dereference in teeshmput teeshmput has a NULL pointer dereference: opteedisableshmcache shm = regpairtoptr...; // shm may return NULL teeshmfreeshm; teeshmputshm; // results in a crash Add a check in teeshmp...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: tee: added a overflow check in registershmhelper When special lengths are provided by the user space, registershmhelper may cause an integer overflow when calculating the number of pages covered by a given user space memory regio...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992851)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992851 advisory. In the Linux kernel, the following vulnerability has been resolved: tee: add overflow check in registershmhelper With special lengths supplied by user space,...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414520)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414520 advisory. A use-after-free exists in drivers/tee/teeshm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in teeshmgetfromid...

CVE-2025-39865

In the Linux kernel, the following vulnerability has been resolved: tee: fix NULL pointer dereference in teeshmput teeshmput have NULL pointer dereference: opteedisableshmcache -- shm = regpairtoptr...;//shm maybe return NULL teeshmfreeshm; -- teeshmputshm;//crash Add check in teeshmput to fix it...

DEBIAN-CVE-2025-39865

In the Linux kernel, the following vulnerability has been resolved: tee: fix NULL pointer dereference in teeshmput teeshmput have NULL pointer dereference: opteedisableshmcache -- shm = regpairtoptr...;//shm maybe return NULL teeshmfreeshm; -- teeshmputshm;//crash Add check in teeshmput to fix it...

UBUNTU-CVE-2025-39865

In the Linux kernel, the following vulnerability has been resolved: tee: fix NULL pointer dereference in teeshmput teeshmput have NULL pointer dereference: opteedisableshmcache -- shm = regpairtoptr...;//shm maybe return NULL teeshmfreeshm; -- teeshmputshm;//crash Add check in teeshmput to fix it...

CVE-2025-39865 tee: fix NULL pointer dereference in tee_shm_put

In the Linux kernel, the following vulnerability has been resolved: tee: fix NULL pointer dereference in teeshmput teeshmput have NULL pointer dereference: opteedisableshmcache -- shm = regpairtoptr...;//shm maybe return NULL teeshmfreeshm; -- teeshmputshm;//crash Add check in teeshmput to fix it...

CVE-2025-39865

In the Linux kernel, the following vulnerability has been resolved: tee: fix NULL pointer dereference in teeshmput teeshmput have NULL pointer dereference: opteedisableshmcache -- shm = regpairtoptr...;//shm maybe return NULL teeshmfreeshm; -- teeshmputshm;//crash Add check in teeshmput to fix it...

CVE-2025-39865

CVE-2025-39865 affects the Linux kernel tee subsystem. The issue is a potential NULL pointer dereference in tee_shm_put when reg_pair_to_ptr may return NULL, leading to a crash in shutdown flow (optee/shm cache path). The documented fix is to add a NULL check in tee_shm_put to prevent dereferenci...

Linux Distros Unpatched Vulnerability : CVE-2025-39865

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tee: fix NULL pointer dereference in teeshmput teeshmput have NULL pointer dereference: opteedisableshmcache -- shm = regpairtoptr... %NASLMINLEVEL 80900 C...

SUSE CVE-2021-44733

A use-after-free exists in drivers/tee/teeshm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in teeshmgetfromid during an attempt to free a shared memory object...

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.

...

DEBIAN-CVE-2021-44733

A use-after-free exists in drivers/tee/teeshm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in teeshmgetfromid during an attempt to free a shared memory object...

AZL-7063 CVE-2021-44733 affecting package kernel for versions less than 5.15.18.1-1

A use-after-free exists in drivers/tee/teeshm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in teeshmgetfromid during an attempt to free a shared memory object...