CVE-2025-2884

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-2884
TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0

6.6 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.3 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://github.com/stefanberger/libtpms/commit/04b2d8e9afc0a9b6bffe562a23e58c0de11532d1
https://trustedcomputinggroup.org/about/security/
https://trustedcomputinggroup.org/wp-content/uploads/TPM2.0-Library-Spec-v1.83-Errata_v1_pub.pdf
https://trustedcomputinggroup.org/wp-content/uploads/VRT0009-Advisory-FINAL.pdf
https://www.cve.org/CVERecord?id=CVE-2025-49133
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html
https://www.kb.cert.org/vuls/id/282450
Configurations

No configuration.

History

13 Jun 2025, 18:15

Type Values Removed Values Added
References
  • () https://github.com/stefanberger/libtpms/commit/04b2d8e9afc0a9b6bffe562a23e58c0de11532d1 -
  • () https://www.cve.org/CVERecord?id=CVE-2025-49133 -
Summary (en) TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata 1.83 and advisory VRT0009 of TCG standard TPM2.0 (en) TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0

13 Jun 2025, 03:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 9.8 		v2 : unknown
v3 : 6.6

11 Jun 2025, 15:15

Type Values Removed Values Added
Summary
  • (es) La función auxiliar CryptHmacSign de la implementación de referencia TCG TPM2.0 es vulnerable a lecturas fuera de los límites debido a la falta de validación del esquema de firma con el algoritmo de la clave de firma. Consulte la errata 1.83 del estándar TCG TPM2.0.
Summary (en) TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata 1.83 of TCG standard TPM2.0 (en) TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata 1.83 and advisory VRT0009 of TCG standard TPM2.0
CWE CWE-125
References
  • () https://trustedcomputinggroup.org/wp-content/uploads/VRT0009-Advisory-FINAL.pdf -
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8

10 Jun 2025, 19:15

Type Values Removed Values Added
References
  • () https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01209.html -
  • () https://www.kb.cert.org/vuls/id/282450 -

10 Jun 2025, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-06-10 18:15

Updated : 2025-06-13 18:15

NVD link : CVE-2025-2884

Mitre link : CVE-2025-2884

CVE.ORG link : CVE-2025-2884

JSON object : View

Products Affected

No product.

CWE
CWE-125

Out-of-bounds Read