CVE-2025-2884
CVE-2025-2884 concerns the TCG TPM2.0 reference implementation. The vulnerability is in the CryptHmacSign helper, where an out-of-bounds read can occur due to improper validation of the signature scheme against the signature key’s algorithm. Sources reference Errata Revision 1.83 and the TCGVRT00...