9 matches found
Security Bulletin: This Power System update is being released to address CVE-2025-2884
Summary The PowerVM Virtual Trusted Platform Module vTPM feature is impacted by the referenced vulnerability. Vulnerability Details CVEID:CVE-2025-2884 DESCRIPTION: TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validatio...
CVE-2025-2884
TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0...
CVE-2025-2884
TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0...
CVE-2025-2884
creationtimestamp| type| source ---|---|--- 2025-06-10 17:53:29+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114660344390922177 2025-06-10 18:32:39+00:00| seen| https://bsky.app/profile/gcpweekly.bsky.social/post/3lrbjpwtfoc2j 2025-06-11 15:32:04+00:00| seen|...
CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation
TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0...
CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation
TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0...
CVE-2025-2884 Out-of-Bounds read vulnerability in TCG TPM2.0 reference implementation
TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0...
CVE-2025-2884
CVE-2025-2884 concerns the TCG TPM2.0 reference implementation. The vulnerability is in the CryptHmacSign helper, where an out-of-bounds read can occur due to improper validation of the signature scheme against the signature key’s algorithm. Sources reference Errata Revision 1.83 and the TCGVRT00...
Intel® PTT and SPS Advisory
Summary: A potential security vulnerability for some Intel® PTT and Intel® SPS firmware may allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-2884 Non-Intel issued Description: Out-of-bounds read in the...