28 matches found
CLSA-2025-1764614196 tpm2-tools: Fix of CVE-2024-29039
CVE-2024-29039: add comparison of pcr selection to prevent misleading picture of the TPM state...
TencentOS Server 4: tpm2-tools (TSSA-2024:0270)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0270 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2024-29039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering...
Oracle Linux 9 : tpm2-tools (ELSA-2024-9424)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-9424 advisory. - tpm2checkquote: Fix check of magic number. CVE-2024-29038 - tpm2checkquote: Add comparison of pcr selection. CVE-2024-29039 Tenable has extracted the...
tpm2-tools security update
5.2-4 - Backport upstream fixes. - tpm2checkquote: Fix check of magic number. CVE-2024-29038 - tpm2checkquote: Add comparison of pcr selection. CVE-2024-29039 - Fix check of magic number. Resolves: RHEL-23198 Resolves: RHEL-41031 Resolves: RHEL-41035...
RHEL 9 : tpm2-tools (RHSA-2024:9424)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:9424 advisory. The tpm2-tools packages add a set of utilities for management and utilization of Trusted Platform Module TPM 2.0 devices from user space...
Low: tpm2-tools security update
The tpm2-tools packages add a set of utilities for management and utilization of Trusted Platform Module TPM 2.0 devices from user space. Security Fixes: tpm2-tools: arbitrary quote data may go undetected by tpm2checkquote CVE-2024-29038 tpm2-tools: pcr selection value is not compared with the...
OESA-2024-2081 tpm2-tools security update
The package contains the code for the TPM Trusted Platform Module 2.0 tools based on tpm2-tss. Security Fixes: tpm2-tools is the source repository for the Trusted Platform Module TPM2.0 tools. A malicious attacker can generate arbitrary quote data which is not detected by tpm2 checkquote. This...
Medium: tpm2-tools
Issue Overview: tpm2-tools: arbitrary quote data may go undetected by tpm2checkquote CVE-2024-29038 tpm2-tools: pcr selection value is not compared with the attest CVE-2024-29039 Affected Packages: tpm2-tools Issue Correction: Run dnf update tpm2-tools --releasever 2023.5.20240805 to update your...
CVE-2024-29039 affecting package tpm2-tools for versions less than 5.5.1-1
CVE-2024-29039 affecting package tpm2-tools for versions less than 5.5.1-1. A patched version of the package is available...
CBL Mariner 2.0 Security Update: tpm2-tools (CVE-2024-29039)
The version of tpm2-tools installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29039 advisory. - tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows...
CVE-2024-29039 affecting package tpm2-tools for versions less than 4.3.2-2
CVE-2024-29039 affecting package tpm2-tools for versions less than 4.3.2-2. A patched version of the package is available...
AZL-43015 CVE-2024-29039 affecting package tpm2-tools for versions less than 5.5.1-1
tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...
CVE-2024-29039
tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...
CVE-2024-29039 Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state
tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...
CVE-2024-29039 Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state
tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...
CVE-2024-29039
tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...
CVE-2024-29039 Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state
tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...
Fedora: Security Advisory (FEDORA-2024-4512dc54af)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for tpm2-tools (FEDORA-2024-3265d70b61)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...