5.5

CVE-2025-71077

tpm: Cap the number of PCR banks

In the Linux kernel, the following vulnerability has been resolved:

tpm: Cap the number of PCR banks

tpm2_get_pcr_allocation() does not cap any upper limit for the number of
banks. Cap the limit to eight banks so that out of bounds values coming
from external I/O cause on only limited harm.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.1.1 < 5.10.248
LinuxLinux Kernel Version >= 5.11 < 5.15.198
LinuxLinux Kernel Version >= 5.16 < 6.1.160
LinuxLinux Kernel Version >= 6.2 < 6.6.120
LinuxLinux Kernel Version >= 6.7 < 6.12.64
LinuxLinux Kernel Version >= 6.13 < 6.18.3
LinuxLinux Kernel Version5.1 Update-
LinuxLinux Kernel Version6.19 Updaterc1
LinuxLinux Kernel Version6.19 Updaterc2
LinuxLinux Kernel Version6.19 Updaterc3
LinuxLinux Kernel Version6.19 Updaterc4
LinuxLinux Kernel Version6.19 Updaterc5
LinuxLinux Kernel Version6.19 Updaterc6
LinuxLinux Kernel Version6.19 Updaterc7
LinuxLinux Kernel Version6.19 Updaterc8
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.12% 0.024
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/ceb70d31da5671d298bad94ae6c20e4bbb800f96
Patch
https://git.kernel.org/stable/c/d88481653d74d622d1d0d2c9bad845fc2cc6fd23
Patch
https://git.kernel.org/stable/c/b69492161c056d36789aee42a87a33c18c8ed5e1
Patch
https://git.kernel.org/stable/c/858344bc9210bea9ab2bdc7e9e331ba84c164e50
Patch
https://git.kernel.org/stable/c/faf07e611dfa464b201223a7253e9dc5ee0f3c9e
Patch
https://git.kernel.org/stable/c/275c686f1e3cc056ec66c764489ec1fe1e51b950
Patch
https://git.kernel.org/stable/c/8ceee7288152bc121a6bf92997261838c78bfe06
Patch