CVE-2021-3446: 
NixOS vulnerability analysis and mitigation

A vulnerability was discovered in libtpms versions before 0.8.2 related to the handling of initialization vectors (IV) in symmetric cipher operations. The vulnerability (CVE-2021-3446) involves the OpenSSL integration returning the initial IV instead of the last IV to the caller, which weakens subsequent encryption and decryption steps (NVD, RedHat Bugzilla).

The vulnerability occurs in the commonly used integration of libtpms with OpenSSL. When certain symmetric ciphers are used, the system returns the initial IV instead of the last-used IV to the caller. This affects the subsequent encryption and decryption steps, as the correct IV is not being propagated. The CVSS v3.1 base score is 5.5 (MEDIUM) with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (NVD).

The primary impact of this vulnerability is on data confidentiality. The incorrect handling of IVs weakens the cryptographic operations, potentially making the encrypted data less secure. Additionally, after applying the fix, previously chain-encrypted data will not be decryptable anymore with TPM 2 (RedHat Bugzilla).

The vulnerability has been fixed in libtpms versions 0.7.7 and 0.8.2. The fix involves copying the last-used IV from OpenSSL so it can be returned to the caller and used correctly in subsequent encryption and decryption steps (RedHat Bugzilla).