Lucene search
OracleLinuxELSA-2022-9240HistoryMar 22, 2022 - 12:00 a.m.
libtpms security update
2022-03-2200:00:00
linux.oracle.com
26
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
libtpms
[0.8.8-1.el7]
- spec: Update spec file to version 0.8.8
- Fri Sep 17 2021 Stefan Berger - 0.8.7-1
- tpm2: Fixes for building and running with OpenSSL 3.0
- Fri Sep 10 2021 Stefan Berger - 0.8.6-1
- tpm2: Marshal event sequence objects’ hash state
- Wed Sep 01 2021 Stefan Berger - 0.8.5-1
- tpm2: NVMarshal: Handle index orderly RAM without 0-sized terminating node
- tpm2: Initialize a whole OBJECT before using it
- Wed Jun 23 2021 Stefan Berger - 0.8.4-1
- tpm2: Reset too large size indicators in TPM2B to avoid access beyond buffer
- Tue Jun 01 2021 Stefan Berger - 0.8.3-1
- tpm2: Work-around for Windows 2016 & 2019 bug related to ContextLoad
swtpm
[0.3.4-5.el7] - swtpm: Check header size indicator against expected size (CID 375869) (Stefan
Berger) [Orabug: 33876933] {CVE-2022-23645}
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | libtpms | < 0.8.8-1.el7 | libtpms-0.8.8-1.el7.src.rpm |
| oracle linux | 7 | src | swtpm | < 0.3.4-5.el7 | swtpm-0.3.4-5.el7.src.rpm |
| oracle linux | 7 | x86_64 | libtpms | < 0.8.8-1.el7 | libtpms-0.8.8-1.el7.x86_64.rpm |
| oracle linux | 7 | x86_64 | libtpms-devel | < 0.8.8-1.el7 | libtpms-devel-0.8.8-1.el7.x86_64.rpm |
| oracle linux | 7 | x86_64 | swtpm | < 0.3.4-5.el7 | swtpm-0.3.4-5.el7.x86_64.rpm |
| oracle linux | 7 | x86_64 | swtpm-devel | < 0.3.4-5.el7 | swtpm-devel-0.3.4-5.el7.x86_64.rpm |
| oracle linux | 7 | x86_64 | swtpm-libs | < 0.3.4-5.el7 | swtpm-libs-0.3.4-5.el7.x86_64.rpm |
| oracle linux | 7 | x86_64 | swtpm-tools | < 0.3.4-5.el7 | swtpm-tools-0.3.4-5.el7.x86_64.rpm |
Related
nessus
nessus
Oracle Linux 7 : libtpms (ELSA-2022-9240)
2022-03-22 00:00:00
CentOS 9 : swtpm-0.8.0-1.el9
2024-02-29 00:00:00
Oracle Linux 9 : swtpm (ELSA-2022-8100)
2022-11-22 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2401
2024-04-17 13:39:37
redhatcve
redhatcve
CVE-2022-23645
2022-02-21 11:18:08
CVE-2021-3623
2021-06-28 10:49:40
ubuntucve
ubuntucve
CVE-2022-23645
2022-02-18 00:00:00
CVE-2021-3623
2022-03-02 00:00:00
openvas
openvas
openSUSE: Security Advisory for swtpm (SUSE-SU-2022:1297-1)
2022-05-17 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1297-1)
2022-04-22 00:00:00
Fedora: Security Advisory for swtpm (FEDORA-2022-12443a525c)
2022-03-23 00:00:00
osv
osv
CVE-2022-23645
2022-02-18 21:15:13
Low: swtpm security and bug fix update
2022-11-15 00:00:00
CVE-2021-3623
2022-03-02 23:15:08
cve
cve
CVE-2022-23645
2022-02-18 21:15:00
CVE-2021-3623
2022-03-02 23:15:00
mageia
mageia
Updated swtpm packages fix security vulnerability
2022-03-23 11:36:28
Updated libtpms/swtpm packages fix security vulnerability
2021-12-30 19:41:51
suse
suse
Security update for swtpm (low)
2022-04-21 00:00:00
oraclelinux
oraclelinux
swtpm security and bug fix update
2022-11-22 00:00:00
virt:ol and virt-devel:ol security, bug fix, and enhancement update
2022-11-15 00:00:00
redhat
redhat
(RHSA-2022:8100) Low: swtpm security and bug fix update
2022-11-15 06:15:36
prion
prion
Out-of-bounds
2022-02-18 21:15:00
Design/Logic Flaw
2022-03-02 23:15:00
fedora
fedora
[SECURITY] Fedora 35 Update: swtpm-0.7.1-1.20220218git92a7035.fc35
2022-03-05 18:30:57
[SECURITY] Fedora 34 Update: libtpms-0.8.4-1.20210624gita594c4692a.fc34.1
2021-07-01 01:15:53
almalinux
almalinux
Low: swtpm security and bug fix update
2022-11-15 00:00:00
debiancve
debiancve
CVE-2022-23645
2022-02-18 21:15:00
CVE-2021-3623
2022-03-02 23:15:00
veracode
veracode
Denial Of Service (DoS)
2022-03-04 11:07:50
archlinux
archlinux
[ASA-202107-9] libtpms: information disclosure
2021-07-01 00:00:00
rocky
rocky
virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
2022-11-08 06:20:26
8.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:N/A:P
Related for ELSA-2022-9240