7 matches found
CVE-2021-3623
CVE-2021-3623 affects libtpms and describes an out-of-bounds access when the volatile TPM2 state is marshalled/written or unmarshalled/read due to specially crafted TPM2 command packets. The highest threat is to availability. Multiple connected advisories reference this issue (e.g., SUSE-SU-2022:...
CVE-2025-49133
CVE-2025-49133 affects libtpms, a TPM functionality library for virtual machines. The flaw is in CryptHmacSign, where a signKey (ALG_KEYEDHASH) paired with an inScheme (ECC/RSA) leads to an out-of-bounds read. The issue can be triggered by sending malicious TPM 2.0 commands to a vTPM (swtpm) ...
CVE-2021-3746
CVE-2021-3746: libtpms suffers from an out-of-bounds access when handling TPM2 packets, triggered by crafted TPM2 commands and writes to volatile state, with the highest impact to availability. Affected are libtpms versions before 0.8.5, before 0.7.9, and before 0.6.6. Public advisories indicate a fix i...
CVE-2021-3505
CVE-2021-3505 affects libtpms
CVE-2021-3446
CVE-2021-3446 affects libtpms prior to 0.8.2, where the OpenSSL integration erroneously returns the initial IV instead of the last IV for certain symmetric ciphers, weakening confidentiality. Affected packages have been addressed in downstream advisories (e.g., Mageia MGASA-2021-0590; OSV entries...
CVE-2021-3569
CVE-2021-3569 describes a stack corruption bug in libtpms that occurs when decrypting data using RSA. Affected versions are before 0.7.2 and before 0.8.0, and the flaw can cause a SIGBUS (bad memory access) and termination of swtpm, with the highest impact on availability. The connected sources c...
CVE-2026-21444
CVE-2026-21444 affects libtpms when integrated with OpenSSL 3.x, with vulnerable versions 0.10.0 and 0.10.1. The issue is that the library returns the initial IV instead of the last IV for certain symmetric ciphers, weakening confidentiality. Affected deployments using OpenSSL 3.x are at risk of ...