Use of a broken or risky cryptographic algorithm in libtpms



Published: 2021-07-01
Risk Medium
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2021-3446
CWE-ID CWE-327
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		libtpms
Universal components / Libraries / Libraries used by multiple products

Vendor Stefan Berger

Security Bulletin

This security bulletin contains one medium risk vulnerability.

1) Use of a broken or risky cryptographic algorithm

EUVDB-ID: #VU54501

Risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-3446

CWE-ID: CWE-327 - Use of a Broken or Risky Cryptographic Algorithm

Exploit availability: No

Description

The vulnerability allows a remote attacker to decrypt data.

The vulnerability exists in libtpms due to integration with OpenSSL, which  contained a vulnerability related to the returned IV (initialization vector) when certain symmetric ciphers were used. Instead of returning the last IV it returned the initial IV to the caller, thus weakening the subsequent encryption and decryption steps.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

libtpms: 0.5.2 - 0.8.1

External links

http://bugzilla.redhat.com/show_bug.cgi?id=1939664


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###