504 matches found
CVE-2026-0714
A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and...
CVE-2026-0714
A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and...
CVE-2026-0714
A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and...
CVE-2026-0714
A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and...
CVE-2026-0714
A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and...
CVE-2026-0714
CVE-2026-0714 (CISA/Red Hat context included) describes a physical-attack vulnerability in certain Moxa industrial computers running Moxa Industrial Linux 3 with TPM-backed LUKS full-disk encryption. The discrete TPM is connected to the CPU over an SPI bus. Exploitation requires invasive physical...
Moxa Industrial Linux 安全漏洞
Moxa Industrial Linux is an industrial-grade Linux system developed by Moxa Corporation in Taiwan, China. Moxa Industrial Linux has a security vulnerability, which stems from the physical attack vulnerability present in LUKS full-disk encryption supported by TPM. This vulnerability could lead to...
SUSE SLES16 Security Update : gpg2 (SUSE-SU-2026:20195-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:20195-1 advisory. - CVE-2026-24882: stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys bsc1257396. - CVE-2026-24883: deni...
CVE-2025-36238 Power System Exposure of Sensitive System Information
IBM PowerVM Hypervisor FW1110.00 through FW1110.03, FW1060.00 through FW1060.51, and FW950.00 through FW950.F0 could allow a local user with administration privileges to obtain sensitive information from a Virtual TPM through a series of PowerVM service procedures...
CVE-2025-36238
IBM PowerVM Hypervisor FW1110.00 through FW1110.03, FW1060.00 through FW1060.51, and FW950.00 through FW950.F0 could allow a local user with administration privileges to obtain sensitive information from a Virtual TPM through a series of PowerVM service procedures...
OPENSUSE-SU-2026:20136-1 Security update for gpg2
This update for gpg2 fixes the following issues: - CVE-2026-24882: stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys bsc1257396. - CVE-2026-24883: denial of service due to long signature packet length causing parsesignature to return success with sig-data set to a NULL...
CVE-2026-24882
In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...
CVE-2026-24882
In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...
CVE-2026-24882
In GnuPG before 2.5.17, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC keys...
Security Bulletin: This Power System update is being released to address CVE-2025-36238
Summary If an attacker is able to gain system administrator access a Virtual TPM can be compromised through the use of a series of PowerVM service procedures. Vulnerability Details CVEID:CVE-2025-36238 DESCRIPTION: IBM PowerVM Hypervisor could allow a local user with administration privileges to...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004892)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004892 advisory. In the Linux kernel, the following vulnerability has been resolved: tpm: tpmcrb: Add the missed acpiputtable to fix memory leak In crbacpiadd, we get the TPM2 table ...
Security update for keylime
This update for keylime fixes the following issues: CVE-2025-13609: avoid re-registration of clients with same UUID but with different TPM identity bsc1254199. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2026:0217-1 Security update for keylime
This update for keylime fixes the following issues: - CVE-2025-13609: avoid re-registration of clients with same UUID but with different TPM identity bsc1254199...
MiracleLinux 9 : libtpms-0.9.1-3.20211126git1ff6fe1f43.el9 (AXSA:2023-5454:01)
The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5454:01 advisory. tpm: TCG TPM2.0 implementations vulnerable to memory corruption CVE-2023-1017 tpm2: TCG TPM2.0 implementations vulnerable to memory corruption...
tpm: Cap the number of PCR banks
...