Unrated severityNVD Advisory· Published Mar 2, 2022· Updated Aug 3, 2024
CVE-2021-3623
CVE-2021-3623
Description
A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulnerability is to system availability.
Affected products
10- libtpms/libtpmsdescription
- osv-coords9 versionspkg:rpm/opensuse/libtpms&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/libtpms&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/libtpms&distro=openSUSE%20Leap%20Micro%205.2pkg:rpm/opensuse/libtpms&distro=openSUSE%20Leap%20Micro%205.3pkg:rpm/suse/libtpms&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/libtpms&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/libtpms&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/libtpms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP3pkg:rpm/suse/libtpms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP4
< 0.8.2-150300.3.6.1+ 8 more
- (no CPE)range: < 0.8.2-150300.3.6.1
- (no CPE)range: < 0.8.2-150300.3.6.1
- (no CPE)range: < 0.8.2-150300.3.6.1
- (no CPE)range: < 0.8.2-150300.3.6.1
- (no CPE)range: < 0.8.2-150300.3.6.1
- (no CPE)range: < 0.8.2-150300.3.6.1
- (no CPE)range: < 0.8.2-150300.3.6.1
- (no CPE)range: < 0.8.2-150300.3.6.1
- (no CPE)range: < 0.8.2-150300.3.6.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7KZSYMTE7Z4BBEZUWO2DIMQDWMGEP46/mitrevendor-advisoryx_refsource_FEDORA
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
- github.com/stefanberger/libtpms/commit/2e6173cmitrex_refsource_MISC
- github.com/stefanberger/libtpms/commit/2f30d62mitrex_refsource_MISC
- github.com/stefanberger/libtpms/commit/7981d9amitrex_refsource_MISC
- github.com/stefanberger/libtpms/pull/223mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.