### [CVE-2021-38576](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38576)
![](https://img.shields.io/static/v1?label=Product&message=EDK%20II&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=edk2-stable202105%2C%20edk2-stable202102%2C%20edk2-stable202011%2C%20edk2-stable202008%2C%20edk2-stable202005%2C%20edk2-stable202002%2C%20edk2-stable201911%2C%20edk2-stable201908%2C%20edk2-stable201905%2C%20edk2-stable201903%2C%20edk2-stable201811%2C%20edk2-stable201808%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Security%20Feature%20Bypass&color=brightgreen)

### Description

A BIOS bug in firmware for a particular PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently DoS the system.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/w4zu/Debian_security