Lucene search
GoogleOSV:CVE-2021-3505HistoryApr 19, 2021 - 9:15 p.m.
CVE-2021-3505
2021-04-1921:15:13
Google
osv.dev
8
libtpms
tpm 2
key creation
rsaadjustprimecandidate()
data confidentiality
A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit keys with ~1984 bit strength due to a bug in the TCG specification. The bug is in the key creation algorithm in RsaAdjustPrimeCandidate(), which is called before the prime number check. The highest threat from this vulnerability is to data confidentiality.
Related
cvelist
cvelist
CVE-2021-3505
2021-04-19 20:22:05
nvd
nvd
CVE-2021-3505
2021-04-19 21:15:13
redhatcve
redhatcve
CVE-2021-3505
2021-04-16 14:01:24
debiancve
debiancve
CVE-2021-3505
2021-04-19 21:15:13
prion
prion
Design/Logic Flaw
2021-04-19 21:15:00
ibm
ibm
cve
cve
CVE-2021-3505
2021-04-19 21:15:13
ubuntucve
ubuntucve
CVE-2021-3505
2021-04-19 00:00:00
openvas
openvas
Fedora: Security Advisory for libtpms (FEDORA-2021-cfdc434610)
2021-05-05 00:00:00
Mageia: Security Advisory (MGASA-2021-0590)
2022-01-28 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: libtpms-0.8.2-0.20210426git729fc6a4ca.fc33
2021-05-05 00:54:10
nessus
nessus
RHEL 8 : av_libtpms (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 8 : libtpms (Unpatched Vulnerability)
2024-05-11 00:00:00
mageia
mageia
Updated libtpms/swtpm packages fix security vulnerability
2021-12-30 19:41:51