Lucene search
K

4 matches found

OSV
OSV
added 2025/03/17 8:16 p.m.6 views

RLSA-2024:9424 Low: tpm2-tools security update

The tpm2-tools packages add a set of utilities for management and utilization of Trusted Platform Module TPM 2.0 devices from user space. Security Fixes: tpm2-tools: arbitrary quote data may go undetected by tpm2checkquote CVE-2024-29038 tpm2-tools: pcr selection value is not compared with the...

4.4CVSS6.7AI score0.00984EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2024/11/12 9:4 a.m.4 views

tpm2-tools: arbitrary quote data may go undetected by tpm2_checkquote

A flaw was found in the tpm2-tools package. This issue occurs due to a missing check whether the magic number in attest is equal to TPM2GENERATEDVALUE, which can allow an attacker to generate arbitrary quote data that may not be detected by tpm2checkquote...

4.3CVSS5.8AI score0.0037EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/06/28 1:44 p.m.15 views

CVE-2024-29038 tpm2 does not detect if quote was not generated by TPM

tpm2-tools is the source repository for the Trusted Platform Module TPM2.0 tools. A malicious attacker can generate arbitrary quote data which is not detected by tpm2 checkquote. This issue was patched in version 5.7...

4.3CVSS7.2AI score0.0037EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/06/28 1:44 p.m.21 views

CVE-2024-29038 tpm2 does not detect if quote was not generated by TPM

tpm2-tools is the source repository for the Trusted Platform Module TPM2.0 tools. A malicious attacker can generate arbitrary quote data which is not detected by tpm2 checkquote. This issue was patched in version 5.7...

4.3CVSS0.0037EPSS
Exploits1References2
Rows per page
Query Builder