Back to search
CVE-2021-3623
Published: Mar 2, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulnerability is to system availability.
| Vendor | Product | Versions |
|---|---|---|
n/a | libtpms | affected Fixed-In - libtpms 0.6.5, libtpms 0.7.8, libtpms 0.8.4 |
Weaknesses (CWE)
References
FEDORA-2021-465b5c3b67
vendor-advisory
x_refsource_FEDORA
https://bugzilla.redhat.com/show_bug.cgi?id=1976806
x_refsource_MISC
https://github.com/stefanberger/libtpms/pull/223
x_refsource_MISC
https://github.com/stefanberger/libtpms/commit/2f30d62
x_refsource_MISC
https://github.com/stefanberger/libtpms/commit/7981d9a
x_refsource_MISC
https://github.com/stefanberger/libtpms/commit/2e6173c
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now