506 matches found
PT-2023-1651 · Tpm2.0 +8 · Tpm2.0 +8
Name of the Vulnerable Software and Affected Versions: TPM2.0 affected versions not specified Description: An out-of-bounds write vulnerability exists in TPM2.0's Module Library, allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. This can lea...
TCG TPM 缓冲区错误漏洞
TCG TPM is a chip from the Trusted Computing Group that is planted inside a computer to provide a trusted root for the computer. A buffer error vulnerability exists in version 2.0 of the TCG TPM that stems from an out-of-bounds read issue. An attacker could use this vulnerability to read or acces...
TCG TPM 缓冲区错误漏洞
TCG TPM is a chip from the Trusted Computing Group that is planted inside a computer to provide a trusted root for the computer. A security vulnerability exists in version 2.0 of the TCG TPM that stems from an out-of-bounds write issue. An attacker could use this vulnerability to cause a denial o...
UBUNTU-CVE-2023-1018
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM...
K32412503: Trusted Platform Module vulnerabilities CVE-2019-11090 and CVE-2019-16863
Security Advisory Description CVE-2019-11090 Cryptographic timing conditions in the subsystem for IntelR PTT before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0 and 14.0.10; IntelR TXE 3.1.70 and 4.0.20; IntelR SPS before versions SPSE504.01.04.305.0, SPSSoC-X04.00.04.108.0,...
K47405432: Infineon Trusted Platform Module Vulnerable RSA Generation vulnerability CVE-2017-15361
Security Advisory Description The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module TPM firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attacke...
[SECURITY] Fedora 36 Update: tpm2-tss-3.2.2-1.fc36
tpm2-tss is a software stack supporting Trusted Platform ModuleTPM 2.0 syst em APIs. It sits between TPM driver and applications, providing TPM2.0 specified APIs for applications to access TPM module through kernel TPM drivers...
SUSE CVE-2011-1162
The tpmread function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command...
SUSE CVE-2017-16837
Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...
SUSE CVE-2020-12946
Insufficient input validation in ASP firmware for discrete TPM commands could allow a potential loss of integrity and denial of service...
SUSE CVE-2020-24455
Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...
SUSE CVE-2021-3746
A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by specially-crafted TPM2 command packets that then trigger the issue when the state of the TPM2's volatile state is written. The highest threat from this vulnerabili...
SUSE CVE-2022-2977
A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured this is not the default a local attacker can create a use-after-free and create a situation where it may be possible to escalate privileges on the syste...
SUSE CVE-2023-22745
tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, Tss2RCSetHandler and Tss2RCDecode both index into layerhandler with an 8 bit layer number, but the array...
OESA-2023-1079 tpm2-tss security update
tpm2-tss is a software stack supporting Trusted Platform ModuleTPM 2.0 system APIs which provides TPM2.0 specified APIs for applications to access TPM module through kernel TPM drivers. Security Fixes: tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted...
AZL-69129 CVE-2023-22745 affecting package tpm2-tss for versions less than 4.0.1-1
tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, Tss2RCSetHandler and Tss2RCDecode both index into layerhandler with an 8 bit layer number, but the array...
AZL-13055 CVE-2023-22745 affecting package tpm2-tss for versions less than 2.4.6-2
tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, Tss2RCSetHandler and Tss2RCDecode both index into layerhandler with an 8 bit layer number, but the array...
CVE-2023-22745
tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, Tss2RCSetHandler and Tss2RCDecode both index into layerhandler with an 8 bit layer number, but the array...
UBUNTU-CVE-2023-22745
tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, Tss2RCSetHandler and Tss2RCDecode both index into layerhandler with an 8 bit layer number, but the array...
Buffer overflow
tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In affected versions Tss2RCSetHandler and Tss2RCDecode both index into layerhandler with an 8 bit layer number, but the array only has TPM2ERRORTSS2RCLAYERCOUNT...