CVE-2026-31391
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk2th percentile - higher than 2% of all known CVEs
Summary
In the Linux kernel, the atmel-sha204a driver has a ->tfm_count leak when memory allocation fails. The counter is not decremented, potentially blocking future read operations.
Risk Assessment
The organization may face unavailability of cryptographic functions based on the ATmel SHA204A chip, impacting the integrity and availability of services relying on hardware encryption.
Recommendation
Immediately update the Linux kernel to a version containing the fix (commit addressing the issue). Monitor the availability of the patch for your distribution.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix OOM ->tfm_count leak If memory allocation fails, decrement ->tfm_count to avoid blocking future reads.

