CVE-2021-3565 — Improper Initialization in Project Tpm2-tools

CWE-665 — Improper Initialization CWE-798 — Hard-coded Credentials CWE-200 — Sensitive Information Exposure6 documents6 sources

Severity

5.9MEDIUMNVD

EPSS

0.4%

top 39.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Tpm2-tools Project Tpm2-tools Debian Tpm2-tools Fedoraproject Fedora +3 more

Timeline

PublishedJun 4

Latest updateMay 24

Description

A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages6 packages

▶debiandebian/tpm2-tools< tpm2-tools 5.0-2 (bookworm)

▶NVDtpm2-tools_project/tpm2-tools5.1 — 5.1.1+1

▶Debiantpm2-tools_project/tpm2-tools< 5.0-2+3

▶CVEListV5tpm2-tools_project/tpm2-toolstpm2-tools 5.1.1, tpm2-tools 4.3.2

▶msrcmsrc/cm1_tpm2-tools_4.2-2_on_cbl_mariner_1.0

Also affects: Fedora 33, 34, Enterprise Linux 8.0

Patches

Patch: bugzilla.redhat.com ↗Patch: bugzilla.redhat.com ↗

🔴Vulnerability Details

GHSA

GHSA-jxhq-r9c5-f85p: A flaw was found in tpm2-tools in versions before 5↗2022-05-24

▶

OSV

CVE-2021-3565: A flaw was found in tpm2-tools in versions before 5↗2021-06-04

▶

📋Vendor Advisories

Microsoft

A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper potentially allowing a MITM attacker to unwrap the inner portion and re↗2021-06-08

▶

Red Hat

tpm2-tools: fixed AES wrapping key in tpm2_import↗2021-05-25

▶

Debian

CVE-2021-3565: tpm2-tools - A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_i...↗2021

▶