Libtpms Project Libtpms vulnerabilities

CVE-2026-21444 [MEDIUM] CWE-327 CVE-2026-21444: libtpms, a library that provides software emulation of a Trusted Platform Module, has a flaw in vers libtpms, a library that provides software emulation of a Trusted Platform Module, has a flaw in versions 0.10.0 and 0.10.1. The commonly used integration of libtpms with OpenSSL 3.x contained a vulnerability related to the returned IV (initialization vector) when certain symmetric ciphers were used. Instead of returning the last IV it returned the i

CVE-2025-49133 [MEDIUM] CWE-125 CVE-2025-49133: Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily i Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from the TPM 2.0 reference implementation code published by the Trusted Computing Group, is prone to a potential out of bounds (OOB) read vulnerability. The vulnerability occurs in the ‘CryptHmacSign’ function with

CVE-2023-1017 [HIGH] CVE-2023-1017: An out-of-bounds write vulnerability exists in TPM2 An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context.

CVE-2023-1018 [MEDIUM] CVE-2023-1018: An out-of-bounds read vulnerability exists in TPM2 An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.

CVE-2021-3623 [MEDIUM] CWE-787 CVE-2021-3623: A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets co A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulnerability is to system availability.

CVE-2021-3746 [MEDIUM] CWE-119 CVE-2021-3746: A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by specially-crafted TPM2 command packets that then trigger the issue when the state of the TPM2's volatile state is written. The highest threat from this vulnerability is to system availability. This issue affects libtpms

CVE-2021-3569 [MEDIUM] CWE-120 CVE-2021-3569: A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypti A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS (bad memory access) and termination of swtpm. The highest threat from this vulnerability is to system availability.

CVE-2021-3505 [MEDIUM] CWE-331 CVE-2021-3505: A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit keys A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit keys with ~1984 bit strength due to a bug in the TCG specification. The bug is in the key creation algorithm in RsaAdjustPrimeCandidate(), which is called before the prime number check. The highest threat from this vulnerability is to data confidentiality.

CVE-2021-3446 [MEDIUM] CWE-327 CVE-2021-3446: A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms with A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms with OpenSSL contained a vulnerability related to the returned IV (initialization vector) when certain symmetric ciphers were used. Instead of returning the last IV it returned the initial IV to the caller, thus weakening the subsequent encryption and decrypt