CVE-2023-32690 Responder can Invoke Undefined Behavior in libspdm Requester

libspdm is a sample implementation that follows the DMTF SPDM specifications. Prior to versions 2.3.3 and 3.0, following a successful CAPABILITIES response, a libspdm Requester stores the Responder's CTExponent into its context without validation. If the Requester sends a request message that...

PT-2023-5344 · Libspdm · Libspdm

Name of the Vulnerable Software and Affected Versions: libspdm versions prior to 2.3.3 libspdm versions prior to 3.0 Description: The issue arises due to insufficient validation of input data in the libspdm library. This can be exploited by a remote attacker to cause a denial of service. When a...

CVE-2023-31127 DMTF-2023-0001: SPDM mutual authentication bypass

libspdm is a sample implementation that follows the DMTF SPDM specifications. A vulnerability has been identified in SPDM session establishment in libspdm prior to version 2.3.1. If a device supports both DHE session and PSK session with mutual authentication, the attacker may be able to establis...

PT-2023-5348 · Libspdm · Libspdm

Name of the Vulnerable Software and Affected Versions: libspdm versions 1.0 through 2.3 Description: A vulnerability has been identified in SPDM session establishment in libspdm. If a device supports both DHE session and PSK session with mutual authentication, an attacker may be able to establish...