What the vulnerability does

01Description

A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS (bad memory access) and termination of swtpm. The highest threat from this vulnerability is to system availability.

Key dates

02Disclosure timeline

June 3, 2021 CVE published
August 3, 2024 Record updated