CVE-2021-3505

MEDIUM

libtpms <0.8.0 - Info Disclosure

Title source: llm

Description

A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit keys with ~1984 bit strength due to a bug in the TCG specification. The bug is in the key creation algorithm in RsaAdjustPrimeCandidate(), which is called before the prime number check. The highest threat from this vulnerability is to data confidentiality.

References (3)

[Issue Tracking, Patch, Third Party Advisory] https://bugzilla.redhat.com/show_bug.cgi?id=1950046

[Exploit, Patch, Third Party Advisory] https://github.com/stefanberger/libtpms/issues/183

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NUCZX4S53TUNTSGTCRDNOQZV2V2RI4RJ/

Scores

CVSS v3 5.5

EPSS 0.0013

EPSS Percentile 31.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-331

Status published

Products (3)

fedoraproject/fedora 33

libtpms_project/libtpms < 0.8.0

redhat/enterprise_linux 8.0

Published Apr 19, 2021

Tracked Since Feb 18, 2026