CVE-2026-46283

Source
https://cve.org/CVERecord?id=CVE-2026-46283
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46283.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2026-46283
Downstream
Related
Published
2026-06-08T15:41:26.425Z
Modified
2026-06-18T03:56:04.413506514Z
Summary
tpm: Use kfree_sensitive() to free auth session in tpm_dev_release()
Details

In the Linux kernel, the following vulnerability has been resolved:

tpm: Use kfree_sensitive() to free auth session in tpm_dev_release()

tpm_dev_release() uses plain kfree() to free chip->auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data (struct tpm2_auth).

Every other code path that frees this structure uses kfree_sensitive() to zero the memory before releasing it: both tpm2_end_auth_session() and tpm_buf_check_hmac_response() do so. The tpm_dev_release() path is the only one that does not, leaving key material in freed slab memory until it is eventually overwritten.

Use kfree_sensitive() for consistency with the rest of the driver and to ensure session keys are scrubbed during device teardown.

Database specific
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/46xxx/CVE-2026-46283.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
699e3efd6c645c741ea4d6d58282c56b6d108cf7
Fixed
dd3ac52ea7a001406c7dbc663aae4b9f89da679a
Fixed
53e6d2d834df40960b655b353e7a8ff4d927e1c7
Fixed
84ced03172da544c9f8c0862faad48104f519352
Fixed
c424d2664f08c77f08b4580b5f0cbaabf7c229b2

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46283.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
6.10.0
Fixed
6.12.86
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.18.27
Type
ECOSYSTEM
Events
Introduced
6.19.0
Fixed
7.0.4

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2026-46283.json"