Lucene search
K

28 matches found

OSV
OSV
added 2025/12/01 8:49 p.m.6 views

CLSA-2025-1764614196 tpm2-tools: Fix of CVE-2024-29039

CVE-2024-29039: add comparison of pcr selection to prevent misleading picture of the TPM state...

9CVSS5.8AI score0.00984EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.7 views

TencentOS Server 4: tpm2-tools (TSSA-2024:0270)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0270 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9CVSS6.1AI score0.00984EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-29039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering...

9CVSS6.5AI score0.00984EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/11/19 12:0 a.m.10 views

Oracle Linux 9 : tpm2-tools (ELSA-2024-9424)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-9424 advisory. - tpm2checkquote: Fix check of magic number. CVE-2024-29038 - tpm2checkquote: Add comparison of pcr selection. CVE-2024-29039 Tenable has extracted the...

9CVSS5.8AI score0.00984EPSS
Exploits2References3
Oracle linux
Oracle linux
added 2024/11/14 12:0 a.m.267 views

tpm2-tools security update

5.2-4 - Backport upstream fixes. - tpm2checkquote: Fix check of magic number. CVE-2024-29038 - tpm2checkquote: Add comparison of pcr selection. CVE-2024-29039 - Fix check of magic number. Resolves: RHEL-23198 Resolves: RHEL-41031 Resolves: RHEL-41035...

9CVSS6.9AI score0.00984EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/11/12 12:0 a.m.9 views

RHEL 9 : tpm2-tools (RHSA-2024:9424)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:9424 advisory. The tpm2-tools packages add a set of utilities for management and utilization of Trusted Platform Module TPM 2.0 devices from user space...

9CVSS6.1AI score0.00984EPSS
Exploits2References8
AlmaLinux
AlmaLinux
added 2024/11/12 12:0 a.m.16 views

Low: tpm2-tools security update

The tpm2-tools packages add a set of utilities for management and utilization of Trusted Platform Module TPM 2.0 devices from user space. Security Fixes: tpm2-tools: arbitrary quote data may go undetected by tpm2checkquote CVE-2024-29038 tpm2-tools: pcr selection value is not compared with the...

9CVSS6.7AI score0.00984EPSS
Exploits2References6
OSV
OSV
added 2024/08/30 11:9 a.m.6 views

OESA-2024-2081 tpm2-tools security update

The package contains the code for the TPM Trusted Platform Module 2.0 tools based on tpm2-tss. Security Fixes: tpm2-tools is the source repository for the Trusted Platform Module TPM2.0 tools. A malicious attacker can generate arbitrary quote data which is not detected by tpm2 checkquote. This...

9CVSS7.1AI score0.00984EPSS
Exploits2References3
Amazon
Amazon
added 2024/08/15 12:0 a.m.6 views

Medium: tpm2-tools

Issue Overview: tpm2-tools: arbitrary quote data may go undetected by tpm2checkquote CVE-2024-29038 tpm2-tools: pcr selection value is not compared with the attest CVE-2024-29039 Affected Packages: tpm2-tools Issue Correction: Run dnf update tpm2-tools --releasever 2023.5.20240805 to update your...

9CVSS7.3AI score0.00984EPSS
Exploits2
CBLMariner
CBLMariner
added 2024/07/22 7:0 p.m.20 views

CVE-2024-29039 affecting package tpm2-tools for versions less than 5.5.1-1

CVE-2024-29039 affecting package tpm2-tools for versions less than 5.5.1-1. A patched version of the package is available...

9CVSS6.9AI score0.00984EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2024/07/20 12:0 a.m.22 views

CBL Mariner 2.0 Security Update: tpm2-tools (CVE-2024-29039)

The version of tpm2-tools installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29039 advisory. - tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows...

9CVSS6.2AI score0.00984EPSS
Exploits1References2
CBLMariner
CBLMariner
added 2024/07/18 4:30 p.m.10 views

CVE-2024-29039 affecting package tpm2-tools for versions less than 4.3.2-2

CVE-2024-29039 affecting package tpm2-tools for versions less than 4.3.2-2. A patched version of the package is available...

9CVSS6.9AI score0.00984EPSS
Exploits1
OSV
OSV
added 2024/06/28 4:15 p.m.7 views

AZL-43015 CVE-2024-29039 affecting package tpm2-tools for versions less than 5.5.1-1

tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...

9CVSS5.7AI score0.00984EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2024/06/28 4:15 p.m.15 views

CVE-2024-29039

tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...

9CVSS6.6AI score0.00984EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/06/28 3:48 p.m.24 views

CVE-2024-29039 Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state

tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...

9CVSS7AI score0.00984EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/06/28 3:48 p.m.27 views

CVE-2024-29039 Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state

tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...

9CVSS0.00984EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2024/06/28 3:48 p.m.15 views

CVE-2024-29039

tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...

9CVSS6.5AI score0.00984EPSS
Exploits1
OSV
OSV
added 2024/06/28 3:48 p.m.14 views

CVE-2024-29039 Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state

tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...

9CVSS6.7AI score0.00984EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.11 views

Fedora: Security Advisory (FEDORA-2024-4512dc54af)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS5.3AI score0.00984EPSS
Exploits2References4
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.15 views

Fedora: Security Advisory for tpm2-tools (FEDORA-2024-3265d70b61)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS5.3AI score0.00984EPSS
Exploits2References2
Rows per page
Query Builder