What the vulnerability does

01Description

A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulnerability is to system availability.

Key dates

02Disclosure timeline

March 2, 2022 CVE published
August 3, 2024 Record updated