24 matches found
TencentOS Server 4: libtpms (TSSA-2024:0279)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0279 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2023-1017
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the...
Security Bulletin: This Power System update is being released to address CVE-2023-1017 and CVE-2023-1018
Summary An attacker with access to the host could send malformed commands to the TPM which would result in a TPM DoS. A complete power cycle of the system is required to recover. Vulnerability Details CVEID:CVE-2023-1017 DESCRIPTION: Trusted Computing Group Trusted Platform Module could allow a...
RHEL 8 : av_libtpms (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtpms: RSA keys weaker than expected CVE-2021-3505 - tpm: TCG TPM2.0 implementations vulnerable to memo...
RHEL 8 : tpm (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - tpm: TCG TPM2.0 implementations vulnerable to memory corruption CVE-2023-1017 Note that Nessus has not tested for...
Security Bulletin: This Power System update is being released to address CVE-2023-1017 and CVE-2023-1018
Summary TCG Trusted Platform Module code is used by PowerVM to support virtual TPM. This bulletin provides a remediation for the impacted vulnerabilities, CVE-2023-1017 and CVE-2023-1018, by upgrading PowerVM and thus addressing the exposure to the TCG TPM vulnerability. Vulnerability Details...
libtpms security update
0.9.1-3.20211126git1ff6fe1f43 - Backport 'tpm2: Check size of buffer before accessing it' CVE-2023-1017 & CVE-2023-1018 Resolves: rhbz2173960 Resolves: rhbz2173967...
Oracle Linux 9 : libtpms (ELSA-2023-2453)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-2453 advisory. 0.9.1-3.20211126git1ff6fe1f43 - Backport 'tpm2: Check size of buffer before accessing it' CVE-2023-1017 & CVE-2023-1018 Resolves: rhbz2173960 Resolves:...
RHEL 9 : libtpms (RHSA-2023:2453)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:2453 advisory. The libtpms is a library providing Trusted Platform Module TPM functionality for virtual machines. Security Fixes: tpm: TCG TPM2.0...
Moderate: Red Hat Security Advisory: libtpms security update
An update for libtpms is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
ALSA-2023:2453 Moderate: libtpms security update
The libtpms is a library providing Trusted Platform Module TPM functionality for virtual machines. Security Fixes: tpm: TCG TPM2.0 implementations vulnerable to memory corruption CVE-2023-1017 tpm2: TCG TPM2.0 implementations vulnerable to memory corruption CVE-2023-1018 For more details about th...
Moderate: libtpms security update
The libtpms is a library providing Trusted Platform Module TPM functionality for virtual machines. Security Fixes: tpm: TCG TPM2.0 implementations vulnerable to memory corruption CVE-2023-1017 tpm2: TCG TPM2.0 implementations vulnerable to memory corruption CVE-2023-1018 For more details about th...
SUSE SLES15 / openSUSE 15 Security Update : libtpms (SUSE-SU-2023:2051-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2051-1 advisory. - CVE-2023-1017: Fixed out-of-bounds write in CryptParameterDecryption bsc1206022. - CVE-2023-1018: Fixed out-of-boun...
SUSE-SU-2023:2051-1 Security update for libtpms
This update for libtpms fixes the following issues: - CVE-2023-1017: Fixed out-of-bounds write in CryptParameterDecryption bsc1206022. - CVE-2023-1018: Fixed out-of-bounds read in CryptParameterDecryption bsc1206023...
Updated libtpms packages fix security vulnerability
An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service crashing the TPM chip/process ...
Fedora: Security Advisory for libtpms (FEDORA-2023-64f2a84db1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Multiple Vulnerabilities (KB5023713)
This host is missing a critical security update according to Microsoft KB5023713 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KB5023696: Windows 10 Version 20H2 / Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (March 2023)
The remote Windows host is missing security update 5023696. It is, therefore, affected by multiple vulnerabilities - An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An...
KB5023702: Windows 10 version 1809 / Windows Server 2019 Security Update (March 2023)
The remote Windows host is missing security update 5023702. It is, therefore, affected by multiple vulnerabilities - An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An...
SUSE CVE-2023-1017
An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service crashing the TPM chip/process ...