CVE-2021-38576

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-38576
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-38576.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2021-38576
Downstream
Published
2022-01-03T22:15:09.903Z
Modified
2026-03-13T05:07:06.519047Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system.

References

Affected packages

Git / github.com/tianocore/edk2

Affected ranges

Type
GIT
Repo
https://github.com/tianocore/edk2
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
cb5f4f45ce1fca390b99dae5c42b9c4c8b53deea
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
85588389222a3636baf0f9ed8227f2434af4c3f9
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
89910a39dcfd788057caa5d88b7e76e112d187b5
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
20d2e5a125e34fc8501026613a71549b2a1a3e54
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
37eef91017ad042035090cae46557f9d6e2d5917
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
bd85bf54c268204c7a698a96f3ccd96cd77952cd
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
4c0f6e349d32cf27a7104ddd3e729d6ebc88ea70
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ca407c7246bf405da6d9b1b9d93e5e7f17b4b1f9
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
06dc822d045c2bb42e497487935485302486e151
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
872f953262d68a11da7bc2fb3ded16df234b8700
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ef91b07388e1c0a50c604e5350eeda98428ccea6
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e1999b264f1f9d7230edf2448f757c73da567832
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "201808"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "201811"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "201903"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "201905"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "201908"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "201911"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "202002"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "202005"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "202008"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "202011"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "202102"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "202105"
        }
    ]
}

Affected versions

Other
edk2-stable201808

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-38576.json"