CVE-2026-53210

In the Linux kernel, the following vulnerability has been resolved:

tee: shm: fix shm leak in register shm helper()

register shm helper() allocates shm before calling iov iter npages(). If iov iter npages() returns 0, the function jumps to err ctx put and leaks shm.

This can be triggered by TEE IOC SHM REGISTER with struct tee ioctl shm register data where length is 0.

Jump to err free shm instead.