MINI-PCRC-8QM9-2XH3

Bulletin has no description...

MINI-PCR5-RJH2-F6GF

Bulletin has no description...

PT-2026-44854

Name of the Vulnerable Software and Affected Versions EDK II affected versions not specified Description An issue exists where the firmware measures bytes differently from those actually being used. This affects the PCR5 measurements, which record the expected GUID Partition Table GPT layout...

SUSE CVE-2023-43630

PCR14 is not in the list of PCRs that seal/unseal the “vault” key, but due to the change that was implemented in commit “7638364bc0acf8b5c481b5ce5fea11ad44ad7fd4”, fixing this issue alone would not solve the problem of the config partition not being measured correctly. Also, the “vault” key is...

SUSE CVE-2023-43634

When sealing/unsealing the “vault” key, a list of PCRs is used, which defines which PCRs are used. In a previous project, CYMOTIVE found that the configuration is not protected by the secure boot, and in response Zededa implemented measurements on the config partition that was mapped to PCR 13. I...

MINI-PCR5-4P6V-3MX7

Bulletin has no description...

SUSE CVE-2026-43058

In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix pass-by-value structs causing MSAN warnings vidtvtsnullwriteinto and vidtvtspcrwriteinto take their argument structs by value, causing MSAN to report uninit-value warnings. While only vidtvtsnullwriteinto has...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: tpm: Cap the number of PCR banks tpm2getpcrallocation does not cap any upper limit for the number of banks. Cap the limit to eight banks so that out of bounds values coming from external I/O cause on only limited harm...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: PCI/PM: Drain runtime-idle callbacks before driver removal A race condition between the .runtimeidle callback and the .remove callback in the rtsxpcr PCI driver leads to a kernel crash due to an unhandled page fault 1. The proble...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mt7530: Fix VLAN traffic leaks The PCRMATRIX field was set to all 1’s when VLAN filtering is enabled, but it wasn’t reset when VLAN filtering was disabled. This could lead to traffic leaks: ip link add br0 type bridge...

Advisory ROSA-SA-2026-3224

software: tpm2-tools 5.5.1 OS: ROSA-CHROME unaffected versions = tpm2-tools-5.5.1-1 affected versions tpm2-tools-5.5.1-1 CVE-ID: CVE-2024-29039 BDU-ID: 2025-16174 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the tpm2 checkquote component of the Trusted Platform Module tpm2-tools repository fo...

CVE-2025-12699

The ZOLL ePCR IOS application reflects unsanitized user input into a WebView. Attacker-controlled strings placed into PCR fields run number, incident, call sign, notes are interpreted as HTML/JS when the app prints or renders that content. In the proof of concept POC, injected scripts return loca...

PT-2026-7469

Name of the Vulnerable Software and Affected Versions ZOLL ePCR IOS application affected versions not specified Description The application displays user-supplied data within a WebView without proper sanitization. Specifically, attacker-controlled strings entered into PCR fields such as run numbe...

EVE Doesn't Protect Config Partition with Measured Boot

Impact Config partition measurement was moved from PCR 13 to PCR 14 in a commit, but PCR 14 was not added to the list of PCRs that seal/unseal the vault key. As a result, an attacker can remove the disk, use another server to modify the files in the config partition, and then re-insert the disk...

EUVD-2023-48034

EVE Doesn't Protect Config Partition with Measured Boot...

PT-2026-6361

Impact The vault key is sealed using SHA1 PCRs instead of SHA256 PCRs Thus an attacker with physical access to an EVE-OS device can try to brute force creating a kernel or rootfs image which produces the same SHA1 PCR but with malicious content. Patches Fixed in 9.4.3-lts and 10.1.0 Workarounds N...

PT-2026-6461

Impact PCR14 is not included in the list of PCRs that seal/unseal the vault key. Additionally, the vault key uses SHA1 PCRs instead of SHA256. Thus an attacker with physical access can take out the disk, use a different computer to modify the files in the /config partition, and re-insert the disk...

MiracleLinux 9 : tpm2-tools-5.2-4.el9 (AXSA:2024-9175:01)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-9175:01 advisory. tpm2-tools: arbitrary quote data may go undetected by tpm2checkquote CVE-2024-29038 tpm2-tools: pcr selection value is not compared with the attest...

tpm: Cap the number of PCR banks

...

CVE-2025-71077

In the Linux kernel, the following vulnerability has been resolved: tpm: Cap the number of PCR banks tpm2getpcrallocation does not cap any upper limit for the number of banks. Cap the limit to eight banks so that out of bounds values coming from external I/O cause on only limited harm...