25 matches found
TencentOS Server 4: libtpms (TSSA-2024:0279)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0279 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
TencentOS Server 3: virt and virt-devel (TSSA-2023:0110)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0110 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2023-1018
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption...
Security Bulletin: This Power System update is being released to address CVE-2023-1017 and CVE-2023-1018
Summary An attacker with access to the host could send malformed commands to the TPM which would result in a TPM DoS. A complete power cycle of the system is required to recover. Vulnerability Details CVEID:CVE-2023-1017 DESCRIPTION: Trusted Computing Group Trusted Platform Module could allow a...
Security Bulletin: This Power System update is being released to address CVE-2023-1017 and CVE-2023-1018
Summary TCG Trusted Platform Module code is used by PowerVM to support virtual TPM. This bulletin provides a remediation for the impacted vulnerabilities, CVE-2023-1017 and CVE-2023-1018, by upgrading PowerVM and thus addressing the exposure to the TCG TPM vulnerability. Vulnerability Details...
Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
Oracle Linux 9 : libtpms (ELSA-2023-2453)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-2453 advisory. 0.9.1-3.20211126git1ff6fe1f43 - Backport 'tpm2: Check size of buffer before accessing it' CVE-2023-1017 & CVE-2023-1018 Resolves: rhbz2173960 Resolves:...
libtpms security update
0.9.1-3.20211126git1ff6fe1f43 - Backport 'tpm2: Check size of buffer before accessing it' CVE-2023-1017 & CVE-2023-1018 Resolves: rhbz2173960 Resolves: rhbz2173967...
RHEL 9 : libtpms (RHSA-2023:2453)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:2453 advisory. The libtpms is a library providing Trusted Platform Module TPM functionality for virtual machines. Security Fixes: tpm: TCG TPM2.0...
Moderate: Red Hat Security Advisory: libtpms security update
An update for libtpms is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
ALSA-2023:2453 Moderate: libtpms security update
The libtpms is a library providing Trusted Platform Module TPM functionality for virtual machines. Security Fixes: tpm: TCG TPM2.0 implementations vulnerable to memory corruption CVE-2023-1017 tpm2: TCG TPM2.0 implementations vulnerable to memory corruption CVE-2023-1018 For more details about th...
Moderate: libtpms security update
The libtpms is a library providing Trusted Platform Module TPM functionality for virtual machines. Security Fixes: tpm: TCG TPM2.0 implementations vulnerable to memory corruption CVE-2023-1017 tpm2: TCG TPM2.0 implementations vulnerable to memory corruption CVE-2023-1018 For more details about th...
SUSE SLES15 / openSUSE 15 Security Update : libtpms (SUSE-SU-2023:2051-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2051-1 advisory. - CVE-2023-1017: Fixed out-of-bounds write in CryptParameterDecryption bsc1206022. - CVE-2023-1018: Fixed out-of-boun...
SUSE-SU-2023:2051-1 Security update for libtpms
This update for libtpms fixes the following issues: - CVE-2023-1017: Fixed out-of-bounds write in CryptParameterDecryption bsc1206022. - CVE-2023-1018: Fixed out-of-bounds read in CryptParameterDecryption bsc1206023...
Updated libtpms packages fix security vulnerability
An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service crashing the TPM chip/process ...
Fedora: Security Advisory for libtpms (FEDORA-2023-64f2a84db1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows Multiple Vulnerabilities (KB5023713)
This host is missing a critical security update according to Microsoft KB5023713 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KB5023696: Windows 10 Version 20H2 / Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (March 2023)
The remote Windows host is missing security update 5023696. It is, therefore, affected by multiple vulnerabilities - An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An...
KB5023702: Windows 10 version 1809 / Windows Server 2019 Security Update (March 2023)
The remote Windows host is missing security update 5023702. It is, therefore, affected by multiple vulnerabilities - An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An...
USN-5933-1: Libtpms vulnerabilities
Francisco Falcon discovered that Libtpms did not properly manage memory when performing certain cryptographic operations. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. CVE-2023-1017, CVE-2023-1018 It was discovered that Libtpms did not...