Description

In the Linux kernel, the following vulnerability has been resolved: tpm: Cap the number of PCR banks tpm2_get_pcr_allocation() does not cap any upper limit for the number of banks. Cap the limit to eight banks so that out of bounds values coming from external I/O cause on only limited harm.

INFO

Published Date :

2026-01-13T15:31:29.435Z

Last Modified :

2026-01-19T12:19:38.319Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-71077 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-71077.

URL Resource
https://git.kernel.org/stable/c/275c686f1e3cc056ec66c764489ec1fe1e51b950 cve-icon cve-icon
https://git.kernel.org/stable/c/858344bc9210bea9ab2bdc7e9e331ba84c164e50 cve-icon cve-icon
https://git.kernel.org/stable/c/8ceee7288152bc121a6bf92997261838c78bfe06 cve-icon cve-icon
https://git.kernel.org/stable/c/b69492161c056d36789aee42a87a33c18c8ed5e1 cve-icon cve-icon
https://git.kernel.org/stable/c/ceb70d31da5671d298bad94ae6c20e4bbb800f96 cve-icon cve-icon
https://git.kernel.org/stable/c/d88481653d74d622d1d0d2c9bad845fc2cc6fd23 cve-icon cve-icon
https://git.kernel.org/stable/c/faf07e611dfa464b201223a7253e9dc5ee0f3c9e cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2026011327-CVE-2025-71077-6e08@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-71077 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-71077 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact