Lucene search
PRIOn knowledge basePRION:CVE-2020-24455HistoryFeb 26, 2021 - 3:15 a.m.
Privilege escalation
2021-02-2603:15:00
PRIOn knowledge base
www.prio-n.com
2
0.0004 Low
EPSS
Percentile
14.4%
Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fedora | eq | 34 | |
| tpm2_software_stack | lt | 2.4.3 | |
| tpm2_software_stack | ge | 3.0.0 | |
| tpm2_software_stack | lt | 3.0.1 |
References
bugzilla.redhat.com/show_bug.cgi?id=1902167
github.com/tpm2-software/tpm2-tss/releases/tag/2.4.3
github.com/tpm2-software/tpm2-tss/releases/tag/3.0.1
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KPOENCMJU4DMT3BDNUBRK25B3DJ47UO/
security.gentoo.org/glsa/202107-10
Related
fedora
fedora
[SECURITY] Fedora 32 Update: tpm2-tss-2.4.3-1.fc32
2020-10-06 15:02:32
[SECURITY] Fedora 34 Update: tpm2-tss-3.1.0-1.fc34
2021-05-24 01:02:16
cbl_mariner
cbl_mariner
CVE-2020-24455 affecting package tpm2-tss 2.4.0-1
2021-09-09 15:02:56
CVE-2020-24455 affecting package tpm2-tss for versions less than 2.4.6-1
2022-04-09 06:51:49
nessus
nessus
EulerOS 2.0 SP9 : tpm2-tss (EulerOS-SA-2021-1259)
2021-02-05 00:00:00
EulerOS 2.0 SP9 : tpm2-tss (EulerOS-SA-2021-1278)
2021-02-05 00:00:00
GLSA-202107-10 : TCG TPM2 Software Stack: Information disclosure
2022-01-24 00:00:00
ubuntucve
ubuntucve
CVE-2020-24455
2021-02-26 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for tpm2-tss (EulerOS-SA-2021-1259)
2021-02-05 00:00:00
Huawei EulerOS: Security Advisory for tpm2-tss (EulerOS-SA-2021-1278)
2021-02-05 00:00:00
Fedora: Security Advisory for tpm2-tss (FEDORA-2020-1d3fcce2a3)
2020-09-27 00:00:00
redhatcve
redhatcve
CVE-2020-24455
2020-11-27 08:22:47
gentoo
gentoo
TCG TPM2 Software Stack: Information disclosure
2021-07-07 00:00:00
cve
cve
CVE-2020-24455
2021-02-26 03:15:12
osv
osv
CVE-2020-24455
2021-02-26 03:15:12
cvelist
cvelist
CVE-2020-24455
2021-02-26 02:55:50
debiancve
debiancve
CVE-2020-24455
2021-02-26 03:15:12
mageia
mageia
Updated tpm2-tss packages fix a security vulnerability
2020-11-14 00:20:36
nvd
nvd
CVE-2020-24455
2021-02-26 03:15:12