3 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3446
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms with OpenSSL contained a vulnerability related to the returned IV...
RHEL 8 : libtpms (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtpms: out-of-bounds access when trying to resume the state of the vTPM CVE-2021-3623 - A flaw was foun...
CVE-2021-3446
CVE-2021-3446 affects libtpms prior to 0.8.2, where the OpenSSL integration erroneously returns the initial IV instead of the last IV for certain symmetric ciphers, weakening confidentiality. Affected packages have been addressed in downstream advisories (e.g., Mageia MGASA-2021-0590; OSV entries...