crypto: atmel-sha204a - Fix OOM ->tfm_count leak
Summary
| CVE | CVE-2026-31391 |
|---|---|
| State | PUBLISHED |
| Assigner | Linux |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-04-03 16:16:37 UTC |
| Updated | 2026-04-18 09:16:29 UTC |
| Description | In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix OOM ->tfm_count leak If memory allocation fails, decrement ->tfm_count to avoid blocking future reads. |
Risk And Classification
EPSS: 0.000320000 probability, percentile 0.092520000 (date 2026-04-21)
Vendor Declared Affected Products
| Source | Vendor | Product | Version | Platforms |
|---|---|---|---|---|
| CNA | Linux | Linux | affected da001fb651b00e1deeaf24767dd691ae8152a4f5 c2d0c45dbb9eb272385ae919b17eef5a5318d3f8 git | Not specified |
| CNA | Linux | Linux | affected da001fb651b00e1deeaf24767dd691ae8152a4f5 66ee9c1c3575b5d6afc340faca00fd40ed5b7ad9 git | Not specified |
| CNA | Linux | Linux | affected da001fb651b00e1deeaf24767dd691ae8152a4f5 2bfc83cee05f8b9604502df27d94e8e2b4a3dbf1 git | Not specified |
| CNA | Linux | Linux | affected da001fb651b00e1deeaf24767dd691ae8152a4f5 1ab70c260cf16f931a728b2cb63fff5f38c814d8 git | Not specified |
| CNA | Linux | Linux | affected da001fb651b00e1deeaf24767dd691ae8152a4f5 6f502049a96b368ea6646c49d9520d6f69a101fa git | Not specified |
| CNA | Linux | Linux | affected da001fb651b00e1deeaf24767dd691ae8152a4f5 fd262dc6d758232511127372eba866b7600739ba git | Not specified |
| CNA | Linux | Linux | affected da001fb651b00e1deeaf24767dd691ae8152a4f5 d240b079a37e90af03fd7dfec94930eb6c83936e git | Not specified |
| CNA | Linux | Linux | affected 5.3 | Not specified |
| CNA | Linux | Linux | unaffected 5.3 semver | Not specified |
| CNA | Linux | Linux | unaffected 5.10.253 5.10.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.1.167 6.1.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.6.130 6.6.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.12.78 6.12.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.18.20 6.18.* semver | Not specified |
| CNA | Linux | Linux | unaffected 6.19.10 6.19.* semver | Not specified |
| CNA | Linux | Linux | unaffected 7.0 * original_commit_for_fix | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| git.kernel.org/stable/c/2bfc83cee05f8b9604502df27d94e8e2b4a3dbf1 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/fd262dc6d758232511127372eba866b7600739ba | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/1ab70c260cf16f931a728b2cb63fff5f38c814d8 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/6f502049a96b368ea6646c49d9520d6f69a101fa | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/c2d0c45dbb9eb272385ae919b17eef5a5318d3f8 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/66ee9c1c3575b5d6afc340faca00fd40ed5b7ad9 | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| git.kernel.org/stable/c/d240b079a37e90af03fd7dfec94930eb6c83936e | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | git.kernel.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.