CVE-2021-3746Improper Restriction of Operations within the Bounds of a Memory Buffer in Project Libtpms

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer6 documents6 sources
Severity
6.5MEDIUMNVD
EPSS
0.2%
top 59.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Libtpms Project LibtpmsFedoraproject FedoraRedhat Enterprise Linux
Timeline
PublishedOct 19
Latest updateMay 24

Description

A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by specially-crafted TPM2 command packets that then trigger the issue when the state of the TPM2's volatile state is written. The highest threat from this vulnerability is to system availability. This issue affects libtpms versions before 0.8.5, before 0.7.9 and before 0.6.6.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

NVDlibtpms_project/libtpms0.6.00.6.6+2
Debianlibtpms_project/libtpms< 0.9.1-1+2
CVEListV5libtpms_project/libtpmslibtpms 0.8.5, libtpms 0.7.9, libtpms 0.6.6

Also affects: Fedora 34, Enterprise Linux 8.0

Patches

Patch: bugzilla.redhat.comPatch: bugzilla.redhat.com

🔴Vulnerability Details

3
GHSA
GHSA-9ffq-6fp7-34mv: A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers2022-05-24
CVEList
CVE-2021-3746: A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers2021-10-19
OSV
CVE-2021-3746: A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers2021-10-19

📋Vendor Advisories

2
Red Hat
libtpms: out-of-bounds access via specially crafted TPM 2 command packets2021-08-04
Debian
CVE-2021-3746: libtpms - A flaw was found in the libtpms code that may cause access beyond the boundary o...2021
CVE-2021-3746 — Libtpms Project Libtpms vulnerability | cvebase