538 matches found
EUVD-2026-41271
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 included, 4.8.0 to 4.8.15 included , 5.0.0 to 5.0.5 included There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the...
SUSE-SU-2026:22459-1 Security update for pcr-oracle
This update for pcr-oracle fixes the following issues Update to 0.6.3: Security issue: - integer underflow vulnerability in parsesbatlevelsection bsc1265042. Non security issue: - Lockout Authorization error for libvirt-emulated TPM bsc1265871. Changes for pcr-oracle: + Relax TPM self-test...
keylime: Keylime: Security bypass due to hardcoded TPM quote nonce
A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...
Moderate: Red Hat Security Advisory: keylime security update
An update for keylime is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
PT-2026-51932
Name of the Vulnerable Software and Affected Versions Linux kernel version 6.12.40 Description A global out-of-bounds read occurs in the create securityfs measurement lists function when the system uses a TPM chip with an unsupported hash algorithm. The issue arises because ima tpm chip-allocated...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: tpm: Clean up the TPM space after a command failure The tpmdevtransmit function prepares the TPM space before attempting to transmit a command. However, if the command fails, no rollback of this preparation occurs. This can lead ...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tpm: In tpmcrb, add acpiputtable to fix a memory leak. In crbacpiadd, we obtain the TPM2 table to retrieve information such as the start method, and then assign those values to private data. Therefore, the TPM2 table is not used...
Astra Linux – Vulnerability in Linux 5.10, Linux
A flaw was discovered in the Linux kernel’s implementation of proxied virtualized TPM devices. In a system where virtualized TPM devices are enabled which is not the default setting, a local attacker can exploit this flaw to create a “use-after-free” condition, potentially allowing them to escala...
EUVD-2026-36411
A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure again...
CVE-2026-9266
CVE-2026-9266 affects Moxa’s embedded Linux firmware for industrial computers and controllers. The issue is a Missing Required Cryptographic Step, an incomplete remediation of CVE-2026-0714, where TPM2 parameter encryption is undermined by an omission in the authorization session configuration. A...
CVE-2026-9266
A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure again...
PT-2026-48857
A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure again...
MGASA-2026-0197 Updated gnupg2 packages fix security vulnerabilities
CVE-2025-68973, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. CVE-2026-24882, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC key...
CVE-2026-46283
A flaw was found in the Linux kernel's Trusted Platform Module TPM driver. This vulnerability arises from the driver's failure to securely clear sensitive cryptographic material, such as session keys and passphrases, from memory when a TPM device is released. A local attacker could potentially...
UBUNTU-CVE-2026-46283
In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfreesensitive to free auth session in tpmdevrelease tpmdevrelease uses plain kfree to free chip-auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...
CVE-2026-46283 tpm: Use kfree_sensitive() to free auth session in tpm_dev_release()
In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfreesensitive to free auth session in tpmdevrelease tpmdevrelease uses plain kfree to free chip-auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...
CVE-2026-46283
In the provided sources, CVE-2026-46283 affects the Linux kernel TPM subsystem, where tpm_dev_release() frees sensitive material (chip->auth) with plain kfree() instead of kfree_sensitive(). This leaves HMAC session keys, nonces, and passphrase data potentially scrubbed only later in memory, u...
[SECURITY] Fedora 43 Update: keylime-7.14.2-1.fc43
Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...
[SECURITY] Fedora 44 Update: keylime-7.14.2-1.fc44
Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...
CVE-2026-6923
A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman ECDH key...