CVE-2026-45871
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk6th percentile - higher than 6% of all known CVEs
Summary
In the Linux kernel, a vulnerability in the st33zp24 TPM driver was found where the locality is not released after a get_burstcount() error. When get_burstcount() returns -EBUSY due to timeout, st33zp24_send() exits without proper cleanup.
Risk Assessment
Failure to release the locality can lead to resource exhaustion or TPM driver lockup, preventing further TPM operations and potentially affecting system security.
Recommendation
Apply the Linux kernel patch that adds a goto out_err label to ensure proper cleanup after get_burstcount() failure.
Original NVD description (English source)
In the Linux kernel, the following vulnerability has been resolved: tpm: st33zp24: Fix missing cleanup on get_burstcount() error get_burstcount() can return -EBUSY on timeout. When this happens, st33zp24_send() returns directly without releasing the locality acquired earlier. Use goto out_err to ensure proper cleanup when get_burstcount() fails.

