{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31391", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2026-03-09T15:48:24.085Z", "datePublished": "2026-04-03T15:15:56.789Z", "dateUpdated": "2026-04-03T15:15:56.789Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-04-03T15:15:56.789Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: atmel-sha204a - Fix OOM ->tfm_count leak\n\nIf memory allocation fails, decrement ->tfm_count to avoid blocking\nfuture reads."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/atmel-sha204a.c"], "versions": [{"version": "da001fb651b00e1deeaf24767dd691ae8152a4f5", "lessThan": "66ee9c1c3575b5d6afc340faca00fd40ed5b7ad9", "status": "affected", "versionType": "git"}, {"version": "da001fb651b00e1deeaf24767dd691ae8152a4f5", "lessThan": "2bfc83cee05f8b9604502df27d94e8e2b4a3dbf1", "status": "affected", "versionType": "git"}, {"version": "da001fb651b00e1deeaf24767dd691ae8152a4f5", "lessThan": "1ab70c260cf16f931a728b2cb63fff5f38c814d8", "status": "affected", "versionType": "git"}, {"version": "da001fb651b00e1deeaf24767dd691ae8152a4f5", "lessThan": "6f502049a96b368ea6646c49d9520d6f69a101fa", "status": "affected", "versionType": "git"}, {"version": "da001fb651b00e1deeaf24767dd691ae8152a4f5", "lessThan": "fd262dc6d758232511127372eba866b7600739ba", "status": "affected", "versionType": "git"}, {"version": "da001fb651b00e1deeaf24767dd691ae8152a4f5", "lessThan": "d240b079a37e90af03fd7dfec94930eb6c83936e", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/crypto/atmel-sha204a.c"], "versions": [{"version": "5.3", "status": "affected"}, {"version": "0", "lessThan": "5.3", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.167", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.130", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.12.78", "lessThanOrEqual": "6.12.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.18.20", "lessThanOrEqual": "6.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.19.10", "lessThanOrEqual": "6.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "7.0-rc3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.1.167"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.6.130"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.12.78"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.18.20"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.19.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "7.0-rc3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/66ee9c1c3575b5d6afc340faca00fd40ed5b7ad9"}, {"url": "https://git.kernel.org/stable/c/2bfc83cee05f8b9604502df27d94e8e2b4a3dbf1"}, {"url": "https://git.kernel.org/stable/c/1ab70c260cf16f931a728b2cb63fff5f38c814d8"}, {"url": "https://git.kernel.org/stable/c/6f502049a96b368ea6646c49d9520d6f69a101fa"}, {"url": "https://git.kernel.org/stable/c/fd262dc6d758232511127372eba866b7600739ba"}, {"url": "https://git.kernel.org/stable/c/d240b079a37e90af03fd7dfec94930eb6c83936e"}], "title": "crypto: atmel-sha204a - Fix OOM ->tfm_count leak", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: atmel-sha204a - Fix OOM ->tfm_count leak\n\nIf memory allocation fails, decrement ->tfm_count to avoid blocking\nfuture reads."}], "id": "CVE-2026-31391", "lastModified": "2026-04-03T16:16:37.123", "metrics": {}, "published": "2026-04-03T16:16:37.123", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1ab70c260cf16f931a728b2cb63fff5f38c814d8"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2bfc83cee05f8b9604502df27d94e8e2b4a3dbf1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/66ee9c1c3575b5d6afc340faca00fd40ed5b7ad9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6f502049a96b368ea6646c49d9520d6f69a101fa"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/d240b079a37e90af03fd7dfec94930eb6c83936e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/fd262dc6d758232511127372eba866b7600739ba"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[da001fb651b00e1deeaf24767dd691ae8152a4f5,66ee9c1c3575b5d6afc340faca00fd40ed5b7ad9)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[da001fb651b00e1deeaf24767dd691ae8152a4f5,2bfc83cee05f8b9604502df27d94e8e2b4a3dbf1)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[da001fb651b00e1deeaf24767dd691ae8152a4f5,1ab70c260cf16f931a728b2cb63fff5f38c814d8)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[da001fb651b00e1deeaf24767dd691ae8152a4f5,6f502049a96b368ea6646c49d9520d6f69a101fa)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[da001fb651b00e1deeaf24767dd691ae8152a4f5,fd262dc6d758232511127372eba866b7600739ba)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "code_commit", "value": "[da001fb651b00e1deeaf24767dd691ae8152a4f5,d240b079a37e90af03fd7dfec94930eb6c83936e)"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "5.3"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,5.3)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.2.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.7.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.13.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.19.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[0,6.20.0)"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "[0,*]"}}], "enrichment": {"confidence": 99.0, "confidence_source": "inferred", "scores": [{"score": 99.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Linux", "source": "cna", "vendor": "Linux"}, "product": "linux_kernel", "vendor": "linux"}], "analysis": {"en": {"generated_at": "2026-04-03T19:06:21.314805+00:00", "value": {"mitigation_remediation": ["Apply the latest Linux kernel update that includes the fix for the Atmel SHA-204a driver", "If using a custom kernel, backport the commit referenced in the linked sources", "Verify that the atmel-sha204a module is compiled and loaded correctly after the update", "Monitor kernel logs for cryptographic errors that might indicate OOM conditions", "Ensure that the system has sufficient free memory to avoid triggering the bug"], "summary": {"action": "Apply Patch", "impact": "Potential availability impact due to blocking read operations in the Atmel SHA-204a driver"}, "threat_synthesis": {"affected_systems": "All Linux kernel builds that include the Atmel SHA-204a driver before the patch are affected. The driver is part of the default kernel tree, so any distribution or custom kernel that compiles this component is vulnerable. No specific version numbers are listed, so treat all pre\u2011patch releases as at risk.", "description_and_impact": "The Atmel SHA-204a cryptographic driver in the Linux kernel contains an out\u2011of\u2011memory handling bug. If a memory allocation fails, the driver does not decrement the internal TFM count, which can lead to a leak of that counter and cause future read operations to block. The defect does not expose user data but can degrade system availability by stalling cryptographic operations.", "risk_and_exploitability": "The EPSS score is not available and the vulnerability is not listed in the KEV catalog, suggesting limited exploitation. Exploitation would require triggering an out\u2011of\u2011memory condition within the kernel\u2014a scenario typically confined to privileged or local contexts with constrained memory. The impact is primarily an availability issue; the likelihood of successful exploitation in the wild is considered low, but a successful trigger could reduce system responsiveness."}}}}, "created": "2026-04-03T21:13:20.936605+00:00", "updated": "2026-04-03T21:15:35.970250+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"], "weaknesses": ["CWE-357"]}