CVE-2025-71147

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-71147
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71147.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2025-71147
Downstream
Related
Published
2026-01-23T14:15:13.945Z
Modified
2026-06-12T03:56:27.601473095Z
Summary
KEYS: trusted: Fix a memory leak in tpm2_load_cmd
Details

In the Linux kernel, the following vulnerability has been resolved:

KEYS: trusted: Fix a memory leak in tpm2loadcmd

'tpm2loadcmd' allocates a tempoary blob indirectly via 'tpm2keydecode' but it is not freed in the failure paths. Address this by wrapping the blob into with a cleanup helper.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/71xxx/CVE-2025-71147.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
f2219745250f388edacabe6cca73654131c67d0a
Fixed
3fd7df4636d8fd5e3592371967a5941204368936
Fixed
af0689cafb127a8d1af78cc8b72585c9b2a19ecd
Fixed
19166de9737218b77122c41a5730ac87025e089f
Fixed
9b015f2918b95bdde2ca9cefa10ef02b138aae1e
Fixed
9e7c63c69f57b1db1a8a1542359a6167ff8fcef1
Fixed
62cd5d480b9762ce70d720a81fa5b373052ae05f

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71147.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.13.0
Fixed
5.15.198
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.160
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.120
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.64
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.3

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-71147.json"