1. Home
  2. CVE Database
  3. CVE-2022-23645
MEDIUM · 6.2

CVE-2022-23645

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted heade...

Vulnerability Description

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state of the TPM is accessed. This will likely crash swtpm or prevent it from starting since the state cannot be understood. Users should upgrade to swtpm v0.5.3, v0.6.2, or v0.7.1 to receive a patch. There are currently no known workarounds.

CVSS Score

6.2

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
Swtpm ProjectSwtpm< 0.5.3
RedhatEnterprise Linux8.0
FedoraprojectFedora35

Related Weaknesses (CWE)

CWE-125

References

FAQ

What is CVE-2022-23645?

CVE-2022-23645 is a vulnerability with a CVSS score of 6.2 (MEDIUM). swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted heade...

How severe is CVE-2022-23645?

CVE-2022-23645 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-23645?

Check the references section above for vendor advisories and patch information. Affected products include: Swtpm Project Swtpm, Redhat Enterprise Linux, Fedoraproject Fedora.