PT-2025-24896 · Vendor: Unknown · TCG TPM2.0 Reference Implementation
Published: 2025-06-10 · Updated: 2025-10-16
CVE-2025-2884
CVSS v3.1: 6.6 (Medium)
Base vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions
TCG TPM2.0 versions (affected versions not specified)
AMD Ryzen processors (versions not specified)
Description
The CryptHmacSign function in the TCG TPM2.0 reference implementation does not validate that the requested signature scheme matches the algorithm of the signing key, which leads to an out-of-bounds read. This issue, identified as CVE-2025-2884, allows a local attacker to read sensitive memory or cause a denial-of-service condition. The vulnerability affects a wide range of AMD Ryzen processors, from the 3000 series to the 9000 series. An attacker with standard user privileges can access sensitive data or disrupt the operation of the TPM. AMD initially addressed the vulnerability in 2022, but motherboard manufacturers only recently shipped the fix in their BIOS updates because of the security implications of the issue. The vulnerability also affects the virtual Trusted Platform Modules (vTPM) used in Google Compute Engine's Shielded VMs.
Recommendations
Update TPM firmware to the latest available version.
Update motherboard BIOS to the latest version, specifically those including AGESA 1.2.0.3e or later for AM5 platforms.
For Lenovo models, apply the firmware update released on June 30th addressing CVE-2025-2884.
For systems using Google Compute Engine’s Shielded VMs, ensure the vTPM is updated to address the vulnerability.
If using an MSI motherboard, check for and install the security fix for CVE-2025-2884.
If using an ASUS PRIME B450M-A/CSM motherboard, monitor for BIOS updates that address CVE-2025-2884.
Tags: Fix · DoS · Out-of-bounds Read
Weakness Enumeration
Related Identifiers
CVE-2025-2884
Affected Products
Tcg Tpm2.0 Reference Implementation
Windows
References · 34
- https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2025-2884 · Vendor Advisory
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2884 · Security Note
- https://nvd.nist.gov/vuln/detail/CVE-2025-2884 · Security Note
- https://cve.org/CVERecord?id=CVE-2025-49133 · Security Note
- https://osv.dev/vulnerability/CVE-2025-2884 · Vendor Advisory
- https://github.com/stefanberger/libtpms/commit/04b2d8e9afc0a9b6bffe562a23e58c0de11532d1 · Note
- https://trustedcomputinggroup.org/wp-content/uploads/TPM2.0-Library-Spec-v1.83-Errata_v1_pub.pdf · Note
- https://twitter.com/the_yellow_fall/status/1932975445974434167 · Twitter Post
- https://reddit.com/r/Action1/comments/1o6mazp/patch_tuesday_october_2025 · Reddit Post
- https://reddit.com/r/tuxedocomputers/comments/1le00tp/cve20252884_ryzen_bios_update · Reddit Post
- https://reddit.com/r/ASUS/comments/1lqqpi9/they_released_bios_updates_for_all_am4_since_nov · Reddit Post
- https://twitter.com/gcpweekly/status/1932506193378914574 · Twitter Post
- https://reddit.com/r/gigabyte/comments/1n0mnhv/x870_wifi_gaming_6_should_i_update_bios · Reddit Post
- https://kb.cert.org/vuls/id/282450 · Note
- https://trustedcomputinggroup.org/about/security · Note