57 matches found
CVE-2023-22745 Buffer Overlow in TSS2_RC_Decode in tpm2-tss
tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, Tss2RCSetHandler and Tss2RCDecode both index into layerhandler with an 8 bit layer number, but the array...
CVE-2023-22745
CVE-2023-22745 affects tpm2-tss: prior to versions 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, Tss2_RC_SetHandler and Tss2_RC_Decode index into layer_handler with an 8-bit layer number while the array has TPM2_ERROR_TSS2_RC_LAYER_COUNT entries, allowing a buffer overrun. This can read/write past the buffer ...
CVE-2023-22745 Buffer Overlow in TSS2_RC_Decode in tpm2-tss
tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, Tss2RCSetHandler and Tss2RCDecode both index into layerhandler with an 8 bit layer number, but the array...
CVE-2023-22745
tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, Tss2RCSetHandler and Tss2RCDecode both index into layerhandler with an 8 bit layer number, but the array...
RLSA-2021:1627 Moderate: trousers security, bug fix, and enhancement update
TrouSerS is an implementation of the Trusted Computing Group's Software Stack TSS specification. TrouSerS enables the user to write applications that make use of the Trusted Platform Module TPM hardware. The following packages have been upgraded to a later upstream version: trousers 0.3.15...
trousers security, bug fix, and enhancement update
An update is available for trousers. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list TrouSerS is an implementation of the Trusted Computing Group's Software Stac...
CVE-2020-26933
Trusted Computing Group TCG Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USEDAUSED. Improper initialization of this shut-down may result in susceptibility to a dictionary atta...
Design/Logic Flaw
Trusted Computing Group TCG Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USEDAUSED. Improper initialization of this shut-down may result in susceptibility to a dictionary atta...
CVE-2020-26933
Trusted Computing Group TCG Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USEDAUSED. Improper initialization of this shut-down may result in susceptibility to a dictionary atta...
CVE-2020-26933
CVE-2020-26933 concerns the Trusted Computing Group TPM Library Family 2.0 (library revisions 1.38–1.59). The issue is an Incorrect Access Control during a non-orderly TPM shut-down that uses USE_DA_USED, where improper initialization may render the TPM vulnerable to a dictionary attack. The core...
[SECURITY] Fedora 33 Update: trousers-0.3.14-4.fc33
TrouSerS is an implementation of the Trusted Computing Group's Software Sta ck TSS specification. You can use TrouSerS to write applications that make u se of your TPM hardware. TPM hardware can create, store and use RSA keys securely without ever being exposed in memory, verify a platform's soft...
EulerOS 2.0 SP9 : trousers (EulerOS-SA-2020-2172)
According to the versions of the trousers package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - TrouSerS is an implementation of the Trusted Computing Group's Software Stack TSS specification. You can use TrouSerS to write applications tha...
Trusted Platform Module CVE-2019-16863 Unspecified Security Vulnerability
Description Trusted Platform Module is prone to an unspecified security vulnerability. Successfully exploiting this issue will allow attackers to perform unauthorized actions; this may aid in launching further attacks. Technologies Affected STMicroelectronics Trusted Platform Module Trusted...
New Cold Boot Attack Unlocks Disk Encryption On Nearly All Modern PCs
Security researchers have revealed a new attack to steal passwords, encryption keys and other sensitive information stored on most modern computers, even those with full disk encryption. The attack is a new variation of a traditional Cold Boot Attack, which is around since 2008 and lets attackers...
CentOS 6 : trousers (CESA-2014:1507)
Updated trousers packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
RHEL 6 : trousers (RHSA-2014:1507)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:1507 advisory. TrouSerS is an implementation of the Trusted Computing Group's Software Stack TSS specification. You can use TrouSerS to write applications that make...
Fedora Update for trousers FEDORA-2012-12973
Check for the Version of trousers OpenVAS Vulnerability Test Fedora Update for trousers FEDORA-2012-12973 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...