CVE-2026-31391 - Vulnerability Details

- crypto: atmel-sha204a - Fix OOM ->tfm_count leak

Description

In the Linux kernel, the following vulnerability has been resolved:

crypto: atmel-sha204a - Fix OOM ->tfm_count leak

If memory allocation fails, decrement ->tfm_count to avoid blocking
future reads.

Published: 2026-04-03

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

A flaw in the Atmel SHA204a crypto driver of the Linux kernel can cause the tfm_count counter to be decremented after a memory allocation failure. This incorrect counter modification leads to a resource counter leak and can block subsequent read operations, effectively turning normal crypto requests into delayed or frozen ones. The weakness involves improper resource release, as identified by CWE‑911.

Affected Systems

The vulnerability affects any Linux kernel that includes the Atmel SHA204a driver before the patch series referenced in the advisory. No explicit version list is supplied, so every kernel containing the buggy code path is potentially impacted until the update is applied.

Risk and Exploitability

The CVSS score is not disclosed, yet the EPSS score is below 1 % and the issue is not recorded in the CISA Known Exploited Vulnerabilities catalog, indicating a low likelihood of exploitation. An attacker would need to provoke memory exhaustion within the crypto subsystem, a scenario that is typically local or privileged. The primary risk is a denial of service due to blocked future reads rather than remote code execution or data disclosure.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`da001fb651b00e1deeaf24767dd691ae8152a4f5`	affected	< c2d0c45dbb9eb272385ae919b17eef5a5318d3f8
`da001fb651b00e1deeaf24767dd691ae8152a4f5`	affected	< 66ee9c1c3575b5d6afc340faca00fd40ed5b7ad9
`da001fb651b00e1deeaf24767dd691ae8152a4f5`	affected	< 2bfc83cee05f8b9604502df27d94e8e2b4a3dbf1
`da001fb651b00e1deeaf24767dd691ae8152a4f5`	affected	< 1ab70c260cf16f931a728b2cb63fff5f38c814d8
`da001fb651b00e1deeaf24767dd691ae8152a4f5`	affected	< 6f502049a96b368ea6646c49d9520d6f69a101fa
`da001fb651b00e1deeaf24767dd691ae8152a4f5`	affected	< fd262dc6d758232511127372eba866b7600739ba
`da001fb651b00e1deeaf24767dd691ae8152a4f5`	affected	< d240b079a37e90af03fd7dfec94930eb6c83936e

Linux

affected

Version	Status	Constraints
`5.3`	affected	—
`0`	unaffected	< 5.3
`5.10.253`	unaffected	≤ 5.10.*
`6.1.167`	unaffected	≤ 6.1.*
`6.6.130`	unaffected	≤ 6.6.*
`6.12.78`	unaffected	≤ 6.12.*
`6.18.20`	unaffected	≤ 6.18.*
`6.19.10`	unaffected	≤ 6.19.*
`7.0`	unaffected	≤ *

No data.

Vendor Product Confidence Versions

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`[da001fb651b00e1deeaf24767dd691ae8152a4f5,66ee9c1c3575b5d6afc340faca00fd40ed5b7ad9)`	affected	code_commit	—
`[da001fb651b00e1deeaf24767dd691ae8152a4f5,2bfc83cee05f8b9604502df27d94e8e2b4a3dbf1)`	affected	code_commit	—
`[da001fb651b00e1deeaf24767dd691ae8152a4f5,1ab70c260cf16f931a728b2cb63fff5f38c814d8)`	affected	code_commit	—
`[da001fb651b00e1deeaf24767dd691ae8152a4f5,6f502049a96b368ea6646c49d9520d6f69a101fa)`	affected	code_commit	—
`[da001fb651b00e1deeaf24767dd691ae8152a4f5,fd262dc6d758232511127372eba866b7600739ba)`	affected	code_commit	—
`[da001fb651b00e1deeaf24767dd691ae8152a4f5,d240b079a37e90af03fd7dfec94930eb6c83936e)`	affected	code_commit	—

Linux

Linux Kernel

99%

Version	Status	Scheme	Platform
`5.3`	affected	generic	—
`[0,5.3)`	unaffected	generic	—
`[0,6.2.0)`	unaffected	semver	—
`[0,6.7.0)`	unaffected	semver	—
`[0,6.13.0)`	unaffected	semver	—
`[0,6.19.0)`	unaffected	semver	—
`[0,6.20.0)`	unaffected	semver	—
`[0,*]`	unaffected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Update the Linux kernel to a release that includes the patch commits referenced in the advisory
Confirm that the atmel‑sha204a driver module is present and up‑to‑date
Monitor system logs for repeated out‑of‑memory errors during crypto operations
If a kernel upgrade cannot be applied immediately, restrict the use of the atmel‑sha204a crypto functions in critical workloads

Generated by OpenCVE AI on April 7, 2026 at 10:07 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00032.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/1ab70c260cf16f931a728b2cb63fff5f38c814d8
https://git.kernel.org/stable/c/2bfc83cee05f8b9604502df27d94e8e2b4a3dbf1
https://git.kernel.org/stable/c/66ee9c1c3575b5d6afc340faca00fd40ed5b7ad9
https://git.kernel.org/stable/c/6f502049a96b368ea6646c49d9520d6f69a101fa
https://git.kernel.org/stable/c/c2d0c45dbb9eb272385ae919b17eef5a5318d3f8
https://git.kernel.org/stable/c/d240b079a37e90af03fd7dfec94930eb6c83936e
https://git.kernel.org/stable/c/fd262dc6d758232511127372eba866b7600739ba
https://lore.kernel.org/linux-cve-announce/2026040324-CVE-2026-31391-4b86@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2026-31391
https://www.cve.org/CVERecord?id=CVE-2026-31391

History

Sat, 18 Apr 2026 09:15:00 +0000

Type	Values Removed	Values Added
References		https://git.kernel.org/stable/c/c2d0c45dbb9eb272385ae919b17eef5a5318d3f8

Tue, 07 Apr 2026 08:00:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-357

Sat, 04 Apr 2026 01:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-911
References		https://lore.kernel.org/linux-cve-announce/2026040324-CVE-2026-31391-4b86@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2026-31391 https://www.cve.org/CVERecord?id=CVE-2026-31391

Fri, 03 Apr 2026 21:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-357

Fri, 03 Apr 2026 16:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix OOM ->tfm_count leak If memory allocation fails, decrement ->tfm_count to avoid blocking future reads.
Title		crypto: atmel-sha204a - Fix OOM ->tfm_count leak
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/1ab70c260cf16f931a728b2cb63fff5f38c814d8 https://git.kernel.org/stable/c/2bfc83cee05f8b9604502df27d94e8e2b4a3dbf1 https://git.kernel.org/stable/c/66ee9c1c3575b5d6afc340faca00fd40ed5b7ad9 https://git.kernel.org/stable/c/6f502049a96b368ea6646c49d9520d6f69a101fa https://git.kernel.org/stable/c/d240b079a37e90af03fd7dfec94930eb6c83936e https://git.kernel.org/stable/c/fd262dc6d758232511127372eba866b7600739ba

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2026-04-03T15:15:56.789Z

Updated: 2026-04-18T08:59:14.908Z

Reserved: 2026-03-09T15:48:24.085Z

Link: CVE-2026-31391

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2026-04-03T16:16:37.123

Modified: 2026-04-18T09:16:29.433

Link: CVE-2026-31391

Redhat

Severity :

Publid Date: 2026-04-03T00:00:00Z

Links: CVE-2026-31391 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-08T19:53:32Z

Weaknesses

CWE-911

Impact

Affected Systems

Risk and Exploitability

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object