From 0b1db4bd1c668c56f1d893c9ed19a94d46c228f7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= Date: Wed, 11 Jun 2025 23:05:08 +0400 Subject: [PATCH] tpm2: CVE-2025-49133 fix MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Based from upstream commit 04b2d8e9afc ("tpm2: Fix potential out-of-bound access & abort due to HMAC signing issue") Fix an HMAC signing issue that may causes an out-of-bounds access in a TPM2B that in turn was running into an assert() in libtpms causing an abort. The signing issue was due to an inconsistent pairing of the signKey and signScheme parameters, where the signKey is ALG_KEYEDHASH key and inScheme is an ECC or RSA scheme. Signed-off-by: Marc-André Lureau --- src/tpm2/CryptUtil.c | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/src/tpm2/CryptUtil.c b/src/tpm2/CryptUtil.c index 8fae5b6..aadf7f6 100644 --- a/src/tpm2/CryptUtil.c +++ b/src/tpm2/CryptUtil.c @@ -79,12 +79,16 @@ CryptHmacSign( { HMAC_STATE hmacState; UINT32 digestSize; - digestSize = CryptHmacStart2B(&hmacState, signature->signature.any.hashAlg, - &signKey->sensitive.sensitive.bits.b); - CryptDigestUpdate2B(&hmacState.hashState, &hashData->b); - CryptHmacEnd(&hmacState, digestSize, - (BYTE *)&signature->signature.hmac.digest); - return TPM_RC_SUCCESS; + if (signature->sigAlg == TPM_ALG_HMAC) + { + digestSize = CryptHmacStart2B(&hmacState, signature->signature.any.hashAlg, + &signKey->sensitive.sensitive.bits.b); + CryptDigestUpdate2B(&hmacState.hashState, &hashData->b); + CryptHmacEnd(&hmacState, digestSize, + (BYTE *)&signature->signature.hmac.digest); + return TPM_RC_SUCCESS; + } + return TPM_RC_SCHEME; } /* 10.2.6.3.2 CryptHMACVerifySignature() */ /* This function will verify a signature signed by a HMAC key. Note that a caller needs to prepare -- 2.49.0