5 matches found
SUSE CVE-2023-43632
As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing limited functionality of the TPM to the clients. VTPM allows clients to execute tpm2-tools binaries from a list of hardcoded options” The communication with this server is done using...
GHSA-6JP5-GRGH-JW42 EVE Freely Allocates Buffer on The Stack With Data From Socket
Impact VTPM server listens on port 8877, exposing limited TPM functionality. The server reads 4 bytes as a uint32 size header, then allocates that amount on the stack for incoming data. This allows Denial of Service attacks against the vTPM service. An workload a container or VM running on EVE-OS...
EVE Freely Allocates Buffer on The Stack With Data From Socket
Impact VTPM server listens on port 8877, exposing limited TPM functionality. The server reads 4 bytes as a uint32 size header, then allocates that amount on the stack for incoming data. This allows Denial of Service attacks against the vTPM service. An workload a container or VM running on EVE-OS...
PT-2026-6382
Impact VTPM server listens on port 8877, exposing limited TPM functionality. The server reads 4 bytes as a uint32 size header, then allocates that amount on the stack for incoming data. This allows Denial of Service attacks against the vTPM service. An workload a container or VM running on EVE-OS...
PT-2023-28888
Name of the Vulnerable Software and Affected Versions EVE affected versions not specified Description The issue concerns a server listening on port 8877 in EVE, exposing limited functionality of the TPM to clients. This server, known as VTPM, allows clients to execute tpm2-tools binaries from a...