CVE-2025-71077

MEDIUM EPSS 2.4%
Published Jan 13, 20265mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Jan 13, 2026 5mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: tpm: Cap the number of PCR banks tpm2_get_pcr_allocation() does not cap any upper limit for the number of banks. Cap the limit to eight banks so that out of bounds values coming from external I/O cause on only limited harm.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 15

VendorProductVersionRange
linuxlinux_kernel*≥5.1.1  –  <5.10.248
linuxlinux_kernel*≥5.11  –  <5.15.198
linuxlinux_kernel*≥5.16  –  <6.1.160
linuxlinux_kernel*≥6.2  –  <6.6.120
linuxlinux_kernel*≥6.7  –  <6.12.64
linuxlinux_kernel*≥6.13  –  <6.18.3
linuxlinux_kernel5.1any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any
linuxlinux_kernel6.19any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/275c686f1e3cc056ec66c764489ec1fe1e51b950
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/858344bc9210bea9ab2bdc7e9e331ba84c164e50
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8ceee7288152bc121a6bf92997261838c78bfe06
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b69492161c056d36789aee42a87a33c18c8ed5e1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ceb70d31da5671d298bad94ae6c20e4bbb800f96
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d88481653d74d622d1d0d2c9bad845fc2cc6fd23
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/faf07e611dfa464b201223a7253e9dc5ee0f3c9e
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/275c686f1e3cc056ec66c764489ec1fe1e51b950
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/858344bc9210bea9ab2bdc7e9e331ba84c164e50
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8ceee7288152bc121a6bf92997261838c78bfe06
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b69492161c056d36789aee42a87a33c18c8ed5e1
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ceb70d31da5671d298bad94ae6c20e4bbb800f96
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d88481653d74d622d1d0d2c9bad845fc2cc6fd23
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/faf07e611dfa464b201223a7253e9dc5ee0f3c9e
    Patch