CVE-2025-1122 | THREATINT

Description

Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 15753.50.0 stable on Cr50 Boards allows an attacker with root access to gain persistence and Bypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process.

PUBLISHED Reserved 2025-02-07 | Published 2025-04-15 | Updated 2025-05-08 | Assigner ChromeOS

Problem types

Out-of-bounds Write

Product status

15753.50.0 (custom) before 15753.50.0

affected

References

issuetracker.google.com/issues/324336238

issues.chromium.org/issues/b/324336238

cve.org (CVE-2025-1122)

nvd.nist.gov (CVE-2025-1122)

Download JSON