Vulnerability Name:

CVE-2021-3446 (CCN-198803)

Assigned:2021-03-16
Published:2021-03-16
Updated:2022-10-27
Summary:A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms with OpenSSL contained a vulnerability related to the returned IV (initialization vector) when certain symmetric ciphers were used. Instead of returning the last IV it returned the initial IV to the caller, thus weakening the subsequent encryption and decryption steps. The highest threat from this vulnerability is to data confidentiality.
CVSS v3 Severity:5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
4.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Adjacent
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
6.1 Medium (CCN CVSS v2 Vector: AV:A/AC:L/Au:N/C:C/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-330
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2021-3446

Source: CCN
Type: Red Hat Bugzilla - Bug 1939664
CVE-2021-3446 libtpms: return of wrong initialization vector when certain symmetric ciphers are used

Source: MISC
Type: Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1939664

Source: XF
Type: UNKNOWN
libtpms-cve20213446-info-disc(198803)

Source: CCN
Type: libtpms GIT Repository
tpm2: CryptSym: fix AES output IV

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-3446

Vulnerable Configuration:Configuration 1:
  • cpe:/a:libtpms_project:libtpms:*:*:*:*:*:*:*:* (Version < 0.8.2)

    • Configuration 2:
  • cpe:/o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*

    • Configuration 3:
  • cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:libtpms_project:libtpms:0.7.7:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:602
    P
    		Security update for mariadb (Important)
    2022-07-27
    oval:org.opensuse.security:def:3501
    P
    		glib2-lang-2.48.2-12.15.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:95131
    P
    		libtpms-devel-0.8.2-3.3.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:112879
    P
    		libtpms-devel-0.8.4-2.2 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:106339
    P
    		libtpms-devel-0.8.4-2.2 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:2263
    P
    		libtpms-devel-0.8.2-1.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:63352
    P
    		libtpms-devel-0.8.2-1.1 on GA media (Moderate)
    2021-08-10
    BACK
    libtpms_project libtpms *
    redhat enterprise linux 8.0
    fedoraproject fedora 33
    libtpms_project libtpms 0.7.7