Lucene search
K

57 matches found

Cvelist
Cvelist
added 2023/01/19 10:12 p.m.20 views

CVE-2023-22745 Buffer Overlow in TSS2_RC_Decode in tpm2-tss

tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, Tss2RCSetHandler and Tss2RCDecode both index into layerhandler with an 8 bit layer number, but the array...

6.4CVSS6.8AI score0.00519EPSS
Exploits1References4
CVE
CVE
added 2023/01/19 10:12 p.m.253 views

CVE-2023-22745

CVE-2023-22745 affects tpm2-tss: prior to versions 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, Tss2_RC_SetHandler and Tss2_RC_Decode index into layer_handler with an 8-bit layer number while the array has TPM2_ERROR_TSS2_RC_LAYER_COUNT entries, allowing a buffer overrun. This can read/write past the buffer ...

6.4CVSS7.2AI score0.00519EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/01/19 10:12 p.m.22 views

CVE-2023-22745 Buffer Overlow in TSS2_RC_Decode in tpm2-tss

tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, Tss2RCSetHandler and Tss2RCDecode both index into layerhandler with an 8 bit layer number, but the array...

6.4CVSS7.4AI score0.00519EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2023/01/19 10:12 p.m.22 views

CVE-2023-22745

tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, Tss2RCSetHandler and Tss2RCDecode both index into layerhandler with an 8 bit layer number, but the array...

6.4CVSS7.4AI score0.00519EPSS
Exploits1
OSV
OSV
added 2021/05/18 5:41 a.m.24 views

RLSA-2021:1627 Moderate: trousers security, bug fix, and enhancement update

TrouSerS is an implementation of the Trusted Computing Group's Software Stack TSS specification. TrouSerS enables the user to write applications that make use of the Trusted Platform Module TPM hardware. The following packages have been upgraded to a later upstream version: trousers 0.3.15...

7.8CVSS7.1AI score0.00553EPSS
Exploits3References4
Rockylinux
Rockylinux
added 2021/05/18 5:41 a.m.26 views

trousers security, bug fix, and enhancement update

An update is available for trousers. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list TrouSerS is an implementation of the Trusted Computing Group's Software Stac...

7.8CVSS7AI score0.00553EPSS
Exploits3
NVD
NVD
added 2020/11/18 5:15 p.m.16 views

CVE-2020-26933

Trusted Computing Group TCG Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USEDAUSED. Improper initialization of this shut-down may result in susceptibility to a dictionary atta...

7.2CVSS7AI score0.00297EPSS
Exploits0References2
Prion
Prion
added 2020/11/18 5:15 p.m.15 views

Design/Logic Flaw

Trusted Computing Group TCG Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USEDAUSED. Improper initialization of this shut-down may result in susceptibility to a dictionary atta...

3.6CVSS6AI score0.00297EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/11/18 4:50 p.m.23 views

CVE-2020-26933

Trusted Computing Group TCG Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USEDAUSED. Improper initialization of this shut-down may result in susceptibility to a dictionary atta...

7.2CVSS7AI score0.00297EPSS
Exploits0References2
CVE
CVE
added 2020/11/18 4:50 p.m.39 views

CVE-2020-26933

CVE-2020-26933 concerns the Trusted Computing Group TPM Library Family 2.0 (library revisions 1.38–1.59). The issue is an Incorrect Access Control during a non-orderly TPM shut-down that uses USE_DA_USED, where improper initialization may render the TPM vulnerable to a dictionary attack. The core...

7.2CVSS6AI score0.00297EPSS
Exploits0References2Affected Software1
Fedora
Fedora
added 2020/11/05 1:4 a.m.32 views

[SECURITY] Fedora 33 Update: trousers-0.3.14-4.fc33

TrouSerS is an implementation of the Trusted Computing Group's Software Sta ck TSS specification. You can use TrouSerS to write applications that make u se of your TPM hardware. TPM hardware can create, store and use RSA keys securely without ever being exposed in memory, verify a platform's soft...

7.8CVSS1.4AI score0.00553EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2020/10/09 12:0 a.m.20 views

EulerOS 2.0 SP9 : trousers (EulerOS-SA-2020-2172)

According to the versions of the trousers package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - TrouSerS is an implementation of the Trusted Computing Group's Software Stack TSS specification. You can use TrouSerS to write applications tha...

7.8CVSS6.7AI score0.00553EPSS
Exploits3References4
Symantec
Symantec
added 2019/11/12 12:0 a.m.40 views

Trusted Platform Module CVE-2019-16863 Unspecified Security Vulnerability

Description Trusted Platform Module is prone to an unspecified security vulnerability. Successfully exploiting this issue will allow attackers to perform unauthorized actions; this may aid in launching further attacks. Technologies Affected STMicroelectronics Trusted Platform Module Trusted...

0.2AI score0.03279EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2018/09/13 12:27 p.m.64 views

New Cold Boot Attack Unlocks Disk Encryption On Nearly All Modern PCs

Security researchers have revealed a new attack to steal passwords, encryption keys and other sensitive information stored on most modern computers, even those with full disk encryption. The attack is a new variation of a traditional Cold Boot Attack, which is around since 2008 and lets attackers...

0.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/11/12 12:0 a.m.33 views

CentOS 6 : trousers (CESA-2014:1507)

Updated trousers packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...

5CVSS5.7AI score0.10509EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2014/10/14 12:0 a.m.32 views

RHEL 6 : trousers (RHSA-2014:1507)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:1507 advisory. TrouSerS is an implementation of the Trusted Computing Group's Software Stack TSS specification. You can use TrouSerS to write applications that make...

5CVSS5.8AI score0.10509EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2012/09/11 12:0 a.m.25 views

Fedora Update for trousers FEDORA-2012-12973

Check for the Version of trousers OpenVAS Vulnerability Test Fedora Update for trousers FEDORA-2012-12973 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

5CVSS0.4AI score0.10509EPSS
Exploits2References2
Rows per page
Query Builder