CVE-2025-49133 Overview
CVE-2025-49133 is an out-of-bounds (OOB) read vulnerability in libtpms, a library that provides TPM (Trusted Platform Module) functionality for hypervisors, primarily QEMU. The vulnerability exists in the CryptHmacSign function and can be triggered through inconsistent pairing of signKey and signScheme parameters, where signKey is an ALG_KEYEDHASH key and inScheme is an ECC or RSA scheme.
The vulnerable code derives from the TPM 2.0 reference implementation published by the Trusted Computing Group. When the flaw is triggered, libtpms detects the out-of-bounds access and aborts, resulting in denial of service for virtual TPM (vTPM/swtpm) implementations and making the vTPM unavailable to virtual machines.
Critical Impact
Successful exploitation causes libtpms to abort, making virtual TPM (swtpm) unavailable to VMs and disrupting TPM-dependent security operations including measured boot, encryption key management, and attestation services.
Affected Products
- libtpms version 0.7.11 and earlier in the 0.7.x branch
- libtpms version 0.8.9 and earlier in the 0.8.x branch
- libtpms version 0.9.6 and earlier in the 0.9.x branch
- libtpms version 0.10.0 and earlier in the 0.10.x branch
Discovery Timeline
- June 10, 2025 - CVE-2025-49133 published to NVD
- November 3, 2025 - Last updated in NVD database
Technical Details for CVE-2025-49133
Vulnerability Analysis
The vulnerability is classified as CWE-125 (Out-of-Bounds Read) and occurs within the CryptHmacSign function defined in the TPM 2.0 reference implementation. The function is documented in the Trusted Computing Group's "Part 4: Supporting Routines – Code" specification, specifically in section "7.151 - /tpm/src/crypt/CryptUtil.c".
The root cause stems from improper validation when the signKey parameter is of type ALG_KEYEDHASH while the inScheme parameter specifies an incompatible cryptographic scheme (ECC or RSA). This parameter inconsistency leads to an out-of-bounds memory access when the function attempts to process the signing operation.
Exploitation requires local access and low privileges: a user-mode application sends malicious commands to a TPM 2.0 or vTPM (swtpm) instance. When the vulnerable code path is triggered, libtpms detects the out-of-bounds access and aborts execution, causing a denial of service condition.
Root Cause
The vulnerability originates from insufficient validation of the relationship between the signKey type and the signScheme algorithm in the CryptHmacSign function. When a keyed hash key (ALG_KEYEDHASH) is used with an incompatible signing scheme (ECC or RSA), the code fails to properly validate this combination before proceeding with cryptographic operations. This allows an attacker to force the TPM into an invalid state where memory access bounds are violated.
The fix introduces additional validation checks to ensure the scheme's hashAlg is a valid hash algorithm and adds proper error handling for incompatible key-scheme combinations.
Attack Vector
The attack is locally exploitable and requires a user-mode application to craft and send malicious TPM commands to the affected libtpms instance. An attacker with local access and low privileges can:
- Craft a TPM2_Sign command with an ALG_KEYEDHASH signing key
- Specify an incompatible ECC or RSA scheme as the inScheme parameter
- Submit the malformed command to the vTPM instance
- Trigger the out-of-bounds read in CryptHmacSign, causing an abort
The security patch addresses this by adding validation in the TPM2_Sign function:
// TPM_RC_SCHEME the scheme is not compatible with sign key type,
// or input scheme is not compatible with default
// scheme, or the chosen scheme is not a valid
-// sign scheme
+// sign scheme, or the scheme hashAlg is not a
+// valid hash algorithm
// TPM_RC_TICKET 'validation' is not a valid ticket
// TPM_RC_VALUE the value to sign is larger than allowed for the
// type of 'keyHandle'
+// TPM_RC_ATTRIBUTES the key has the x509sign attribute and can't be
+// used in TPM2_Sign()
+// TPM_RC_SIZE the provided 'digest' does not match the size
+// of the scheme hashAlg digest
TPM_RC
TPM2_Sign(Sign_In* in, // IN: input parameter list
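Review bot: the return-code comment above TPM2_Sign() does not say in which order the checks run, which matters now that TPM_RC_SIZE compares 'digest' against the size of the scheme hashAlg digest; that comparison is only meaningful once hashAlg has been confirmed to be a valid hash algorithm (the new TPM_RC_SCHEME case), so the comment should state that the hashAlg check comes first. TPM_RC_SCHEME also now covers four separate conditions under one code, so a caller cannot tell a key/scheme mismatch from an invalid hashAlg; a short note on that in the comment would help. Only comment lines are visible in this hunk, so the checks that return the newly documented TPM_RC_ATTRIBUTES and TPM_RC_SIZE need to be reviewed in the rest of the commit.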
Source: GitHub Commit Update
Detection Methods for CVE-2025-49133
Indicators of Compromise
- Unexpected termination or crash of swtpm (software TPM) processes
- VM failures related to TPM unavailability or TPM communication errors
- Sudden loss of TPM-based encryption or attestation capabilities in virtual environments
- Log entries indicating libtpms abort conditions or memory access violations
Detection Strategies
- Monitor swtpm and qemu process stability for unexpected terminations or restarts
- Implement alerting for VMs reporting TPM initialization failures or TPM communication errors
- Review system logs for libtpms-related abort messages or segmentation faults
- Deploy application-level monitoring on virtualization hosts to detect TPM service disruptions
Monitoring Recommendations
- Configure process monitoring for swtpm daemons to detect crashes and auto-restart patterns
- Implement logging aggregation for TPM-related error messages across virtualization infrastructure
- Monitor guest VM health metrics for TPM-dependent operations such as BitLocker, measured boot, and remote attestation
- Establish baseline metrics for vTPM availability and alert on deviations
How to Mitigate CVE-2025-49133
Immediate Actions Required
- Update libtpms to a patched version: 0.7.12, 0.8.10, 0.9.7, or 0.10.1 depending on your deployment branch
- Review and restart any swtpm instances after updating to ensure patched code is loaded
- Audit virtualization environments to identify all hosts running vulnerable libtpms versions
- Implement process restart policies for swtpm to minimize service disruption from potential exploitation attempts
Patch Information
The libtpms project has released security patches addressing this vulnerability across all supported branches. The fix adds proper validation of the hash algorithm in signing schemes and ensures incompatible key-scheme combinations return appropriate error codes rather than causing memory access violations.
Apply the appropriate patched version based on your deployment:
- Branch 0.7.x: Update to version 0.7.12 or later
- Branch 0.8.x: Update to version 0.8.10 or later
- Branch 0.9.x: Update to version 0.9.7 or later
- Branch 0.10.x: Update to version 0.10.1 or later
For additional details, refer to the GitHub Security Advisory and CERT Vulnerability Report #282450.
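The branch table above, turned into a check that can be run over a host inventory (an added example, not code from the libtpms project or the original advisory). `libtpms_status` is a hypothetical helper name, and the comparison uses only the upstream version number.

```shell
#!/bin/sh
# Added example: classify a libtpms version string against the fixed
# releases listed in this advisory (0.7.12, 0.8.10, 0.9.7, 0.10.1).
# libtpms_status is a hypothetical helper name, not part of libtpms.

libtpms_status() {
    ver=${1##*:}             # drop a package epoch such as "1:"
    ver=${ver%%[-+~]*}       # drop distro suffixes such as "-1ubuntu2"
    IFS=. read -r major minor patch _rest <<EOF
$ver
EOF
    # Reject anything that does not start with three numeric fields.
    for field in "$major" "$minor" "$patch"; do
        case $field in ''|*[!0-9]*) echo unparseable; return 0 ;; esac
    done
    # First fixed patch level per branch, taken from the advisory.
    case "$major.$minor" in
        0.7)  fixed=12 ;;
        0.8)  fixed=10 ;;
        0.9)  fixed=7  ;;
        0.10) fixed=1  ;;
        *)    echo unlisted-branch; return 0 ;;
    esac
    if [ "$patch" -lt "$fixed" ]; then
        echo vulnerable
    else
        echo patched
    fi
}

# Classify every version passed on the command line, for example the
# package-query output collected from each virtualization host.
for v in "$@"; do
    printf '%s\t%s\n' "$v" "$(libtpms_status "$v")"
done
```

Distribution packages may carry the fix as a backport without changing the upstream version number, so a `vulnerable` result for a distro build should be confirmed against the distribution's own advisory. Branches the advisory does not list are reported as `unlisted-branch` rather than guessed.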
Workarounds
- Limit local access to systems running vTPM instances to reduce attack surface
- Implement process supervision and automatic restart for swtpm services to minimize denial of service impact
- Consider network segmentation to isolate virtualization management infrastructure from untrusted users
- Monitor and restrict user-mode applications that can communicate with vTPM instances
# Verify libtpms version on affected systems (the glob is quoted so the shell does not expand it against local files)
pkg info libtpms 2>/dev/null || dpkg -l 'libtpms*' 2>/dev/null || rpm -qa | grep libtpms
# Example: Configure systemd to auto-restart swtpm on failure
# Add to /etc/systemd/system/swtpm.service.d/restart.conf, then run: systemctl daemon-reload
[Service]
Restart=always
RestartSec=5

