Out-of-bounds read in Linux kernel - CVE-2026-53038
Published: June 25, 2026
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to an out-of-bounds read in create_securityfs_measurement_lists(), the IMA logic that creates the securityfs measurement lists, when processing TPM banks with unsupported hash algorithms. A local user can trigger initialization on a system with a TPM that reports an unsupported bank algorithm to cause a denial of service.
The issue is triggered during IMA initialization when a TPM bank algorithm is left as HASH_ALGO__LAST and then used as an index into hash_algo_name[]. HASH_ALGO__LAST is the sentinel that terminates the hash algorithm enum, so it is one past the last valid index of that array.
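The indexing pattern described above, with the bounds check that keeps the sentinel out of the name table, is shown below as an added example. It is a simplified user-space model, not kernel code or the upstream fix. The three-entry enum, struct bank, bank_list_name(), the "list_" names and the sample TPM algorithm IDs are assumptions made for illustration.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Simplified model, not kernel code: the enum ends in a sentinel that is
 * also the length of the name table, mirroring HASH_ALGO__LAST. */
enum hash_algo { HASH_ALGO_SHA1, HASH_ALGO_SHA256, HASH_ALGO_SHA384,
                 HASH_ALGO__LAST };

static const char *const hash_algo_name[HASH_ALGO__LAST] = {
    [HASH_ALGO_SHA1]   = "sha1",
    [HASH_ALGO_SHA256] = "sha256",
    [HASH_ALGO_SHA384] = "sha384",
};

/* Hypothetical bank descriptor: the ID the TPM reports and the enum value
 * it maps to; unmapped banks keep the sentinel HASH_ALGO__LAST. */
struct bank { unsigned int tpm_alg_id; enum hash_algo crypto_id; };

/* Write the per-bank list name into out. Returns 1 if the algorithm name
 * was used, 0 if the fallback was used, -1 if out is too small. */
int bank_list_name(const struct bank *b, char *out, size_t len)
{
    int known = (unsigned int)b->crypto_id < HASH_ALGO__LAST;
    int n;

    if (known)  /* index is inside hash_algo_name[] */
        n = snprintf(out, len, "list_%s", hash_algo_name[b->crypto_id]);
    else        /* sentinel or out-of-range value: never index the table */
        n = snprintf(out, len, "list_tpm_alg_%x", b->tpm_alg_id);

    if (n < 0 || (size_t)n >= len)
        return -1;
    return known;
}

int main(void)
{
    /* Constructed sample banks; the second has no mapped algorithm. */
    struct bank banks[] = { { 0x0b, HASH_ALGO_SHA256 }, { 0x27, HASH_ALGO__LAST } };
    char name[32];

    for (size_t i = 0; i < sizeof(banks) / sizeof(banks[0]); i++)
        if (bank_list_name(&banks[i], name, sizeof(name)) >= 0)
            puts(name);
    return 0;
}
```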