9 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3505
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit keys with 1984 bit strength due to a bug in the TCG specificatio...
RHEL 8 : av_libtpms (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtpms: RSA keys weaker than expected CVE-2021-3505 - tpm: TCG TPM2.0 implementations vulnerable to memo...
RHEL 8 : libtpms (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtpms: out-of-bounds access when trying to resume the state of the vTPM CVE-2021-3623 - A flaw was foun...
Security Bulletin: This Power System update is being released to address CVE-2021-3505
Summary A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit keys with 1984 bit strength due to a bug in the TCG specification. The bug is in the key creation algorithm in RsaAdjustPrimeCandidate, which is called before the prime number check...
OESA-2022-1959 libtpms security update
A library providing TPM functionality for VMs. Targeted for integration into Qemu. Security Fixes: A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit keys with 1984 bit strength due to a bug in the TCG specification. The bug is in the key creation...
Mageia: Security Advisory (MGASA-2021-0590)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated libtpms/swtpm packages fix security vulnerability
CryptSym: fix AES output IV CVE-2021-3505. Fixed a context save and suspend/resume problem when public keys are loaded. Reset too large size indicators in TPM2B to avoid access beyond buffer CVE-2021-3623 Restore original value in buffer if unmarshalled one was illegal Fixed out-of-bounds access...
Fedora: Security Advisory for libtpms (FEDORA-2021-cfdc434610)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-3505
CVE-2021-3505 affects libtpms