CVE-2025-68792

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 13/01/2026
Last modified: 13/01/2026

Description

In the Linux kernel, the following vulnerability has been resolved:

tpm2-sessions: Fix out of range indexing in name_size

'name_size' does not have any range checks, and it just directly indexes with TPM_ALG_ID, which could lead into memory corruption at worst.

Address the issue by only processing known values and returning -EINVAL for unrecognized values.

Make also 'tpm_buf_append_name' and 'tpm_buf_fill_hmac_session' fallible so that errors are detected before causing any spurious TPM traffic.

End also the authorization session on failure in both of the functions, as the session state would be then by definition corrupted.
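The range check and fallible append described above, as an added user-space illustration that is not the kernel's code. The names `name_size_checked`, `append_name` and `struct out_buf` are hypothetical; the algorithm ids and digest sizes are the TCG-defined values for SHA-1, SHA-256, SHA-384 and SHA-512.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* TCG TPM_ALG_ID values for the hash algorithms a name may carry. */
enum { ALG_SHA1 = 0x0004, ALG_SHA256 = 0x000B, ALG_SHA384 = 0x000C, ALG_SHA512 = 0x000D };

/*
 * A name is a 2-byte big-endian algorithm id followed by the digest.
 * Checked form: size is returned for known ids only, -EINVAL otherwise,
 * instead of using the id from the buffer as a table index.
 */
static int name_size_checked(const uint8_t *name)
{
	uint16_t alg = (uint16_t)((name[0] << 8) | name[1]);
	switch (alg) {
	case ALG_SHA1:   return 20 + 2;
	case ALG_SHA256: return 32 + 2;
	case ALG_SHA384: return 48 + 2;
	case ALG_SHA512: return 64 + 2;
	default:         return -EINVAL;
	}
}

/* Hypothetical command buffer standing in for the kernel's tpm_buf. */
struct out_buf { uint8_t data[128]; size_t len; };

/* Fallible append: every check runs before the first byte is written. */
static int append_name(struct out_buf *b, const uint8_t *name, size_t name_len)
{
	int n;
	if (name_len < 2)
		return -EINVAL;
	n = name_size_checked(name);
	if (n < 0)
		return n;	/* caller must also end the auth session */
	if ((size_t)n > name_len || b->len + (size_t)n > sizeof(b->data))
		return -EINVAL;
	memcpy(b->data + b->len, name, (size_t)n);
	b->len += (size_t)n;
	return 0;
}

int main(void)
{
	uint8_t bad[34] = { 0xFF, 0xFF };	/* constructed: unknown algorithm id */
	struct out_buf b = { .len = 0 };
	return append_name(&b, bad, sizeof(bad)) == -EINVAL ? 0 : 1;
}
```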

Impact