Lucene search
K

106 matches found

Mageia
Mageia
added 2022/03/23 8:36 a.m.44 views

Updated swtpm packages fix security vulnerability

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an...

6.2CVSS1.4AI score0.00404EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/03/23 12:0 a.m.10 views

Fedora: Security Advisory for swtpm (FEDORA-2022-087b1b4d2d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2022/03/23 12:0 a.m.16 views

Fedora: Security Advisory for swtpm (FEDORA-2022-12443a525c)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.2CVSS5.6AI score0.00404EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2022/03/22 12:0 a.m.52 views

libtpms security update

libtpms 0.8.8-1.el7 - spec: Update spec file to version 0.8.8 Fri Sep 17 2021 Stefan Berger - 0.8.7-1 - tpm2: Fixes for building and running with OpenSSL 3.0 Fri Sep 10 2021 Stefan Berger - 0.8.6-1 - tpm2: Marshal event sequence objects' hash state Wed Sep 01 2021 Stefan Berger - 0.8.5-1 - tpm2:...

6.2CVSS0.00404EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/03/22 12:0 a.m.54 views

Oracle Linux 7 : libtpms (ELSA-2022-9240)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9240 advisory. libtpms 0.8.8-1.el7 - spec: Update spec file to version 0.8.8 Fri Sep 17 2021 Stefan Berger - 0.8.7-1 - tpm2: Fixes for building and running with OpenS...

6.2CVSS6.7AI score0.00404EPSS
Exploits0References3
OSV
OSV
added 2022/03/19 11:3 a.m.4 views

OESA-2022-1576 swtpm security update

TPM emulator built on libtpms providing TPM functionality for QEMU VMs Security Fixes: swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm...

6.2CVSS6.8AI score0.00404EPSS
Exploits0References2
Fedora
Fedora
added 2022/03/05 6:30 p.m.27 views

[SECURITY] Fedora 35 Update: swtpm-0.7.1-1.20220218git92a7035.fc35

TPM emulator built on libtpms providing TPM functionality for QEMU VMs...

6.2CVSS1.9AI score0.00404EPSS
Exploits0
Fedora
Fedora
added 2022/03/05 6:11 p.m.17 views

[SECURITY] Fedora 34 Update: swtpm-0.6.2-1.20220218git23b78c0.fc34

TPM emulator built on libtpms providing TPM functionality for QEMU VMs...

1.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2022/02/21 11:18 a.m.73 views

CVE-2022-23645

An out-of-bounds read vulnerability was found in swtpm. The vulnerability exists due to a boundary condition when the byte array representing the state of the TPM is accessed. This flaw allows an attacker to send a specially crafted header, triggering an out-of-bounds read access on the byte arra...

6.2CVSS2AI score0.00404EPSS
Exploits0References3
OSV
OSV
added 2022/02/18 9:15 p.m.1 views

DEBIAN-CVE-2022-23645

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an...

5.5CVSS6.1AI score0.00404EPSS
Exploits0References1
NVD
NVD
added 2022/02/18 9:15 p.m.19 views

CVE-2022-23645

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an...

6.2CVSS0.00404EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2022/02/18 9:15 p.m.38 views

CVE-2022-23645

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an...

6.2CVSS6.4AI score0.00404EPSS
Exploits0References5
OSV
OSV
added 2022/02/18 9:15 p.m.3 views

UBUNTU-CVE-2022-23645

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an...

6.2CVSS6.5AI score0.00404EPSS
Exploits0References6
Prion
Prion
added 2022/02/18 9:15 p.m.18 views

Out-of-bounds

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an...

2.1CVSS5.3AI score0.00404EPSS
Exploits0References6Affected Software3
Vulnrichment
Vulnrichment
added 2022/02/18 8:50 p.m.6 views

CVE-2022-23645 Out-of-bounds read in swtpm

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an...

6.2CVSS6.2AI score0.00404EPSS
Exploits0References6
CVE
CVE
added 2022/02/18 8:50 p.m.175 views

CVE-2022-23645

Swtpm vulnerability CVE-2022-23645 affects libtpms-based TPM emulator swtpm prior to v0.5.3, v0.6.2, and v0.7.1. A specially crafted state header where blobheader hdrsize is invalid can trigger an out-of-bounds read when accessing the TPM state byte array, likely crashing swtpm or preventing it f...

6.2CVSS5.9AI score0.00404EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2022/02/18 8:50 p.m.41 views

CVE-2022-23645

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an...

6.2CVSS5.8AI score0.00404EPSS
Exploits0
OSV
OSV
added 2022/02/18 8:50 p.m.28 views

CVE-2022-23645 Out-of-bounds read in swtpm

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an...

6.2CVSS5.4AI score0.00404EPSS
Exploits0References8
Cvelist
Cvelist
added 2022/02/18 8:50 p.m.30 views

CVE-2022-23645 Out-of-bounds read in swtpm

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an...

6.2CVSS6AI score0.00404EPSS
Exploits0References6
CNNVD
CNNVD
added 2022/02/18 12:0 a.m.4 views

Stefanberger Swtpm 缓冲区错误漏洞

Stefanberger Swtpm is a Libtpms-based software emulator from the individual developer Stefanberger. The software supports sockets, character devices and the Linux CUSE interface. A buffer error vulnerability exists in Stefanberger Swtpm versions prior to 0.5.3, 0.6.2, and 0.7.1, which can be...

6.2CVSS6AI score0.00404EPSS
Exploits0References13
Rows per page
Query Builder