2 matches found
CVE-2021-3623
CVE-2021-3623 affects libtpms and describes an out-of-bounds access when the volatile TPM2 state is marshalled/written or unmarshalled/read due to specially crafted TPM2 command packets. The highest threat is to availability. Multiple connected advisories reference this issue (e.g., SUSE-SU-2022:...
CVE-2021-3746
CVE-2021-3746 : libtpms suffers out-of-bounds access when handling TPM2 packets, triggered by crafted TPM2 commands and writes to volatile state, with the highest impact to availability. Affected are libtpms versions before 0.8.5, before 0.7.9, and before 0.6.6. Public advisories indicate a fix i...