VYPR
Unrated severityNVD Advisory· Published Apr 15, 2025· Updated May 8, 2025

CVE-2025-1122

CVE-2025-1122

Description

Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 15753.50.0 stable on Cr50 Boards allows an attacker with root access to gain persistence and Bypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process.

Affected products

2
  • Google/Chromellm-fuzzy2 versions
    = 15753.50.0 on Cr50 boards+ 1 more
    • (no CPE)range: = 15753.50.0 on Cr50 boards
    • (no CPE)range: 15753.50.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.