106 matches found
Mageia: Security Advisory (MGASA-2021-0590)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2021-0590 Updated libtpms/swtpm packages fix security vulnerability
CryptSym: fix AES output IV CVE-2021-3505. Fixed a context save and suspend/resume problem when public keys are loaded. Reset too large size indicators in TPM2B to avoid access beyond buffer CVE-2021-3623 Restore original value in buffer if unmarshalled one was illegal Fixed out-of-bounds access...
Denial Of Service (DoS)
libtpms.so is vulnerable to denial of service. Decrypting data using RSA causes a SIGBUS bad memory access and termination of swtpm in CryptRsaDecrypt in src/tpm2/crypto/openssl/CryptRsa.c...
libtpms stack corruption vulnerability
libtpms is an application. Library that provides software emulation of trusted platform modules TPM 1.2 and TPM 2.0. libtpms has a security vulnerability that stems from a stack corruption bug that could lead to SIGBUS bad memory access and termination of swtpm. No detailed vulnerability details...
DEBIAN-CVE-2021-3569
A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS bad memory access and termination of swtpm. The highest threat from this vulnerability is to system availability...
CVE-2021-3569
A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS bad memory access and termination of swtpm. The highest threat from this vulnerability is to system availability...
UBUNTU-CVE-2021-3569
A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS bad memory access and termination of swtpm. The highest threat from this vulnerability is to system availability...
CVE-2021-3569
CVE-2021-3569 describes a stack corruption bug in libtpms that occurs when decrypting data using RSA. Affected versions are before 0.7.2 and before 0.8.0, and the flaw can cause a SIGBUS (bad memory access) and termination of swtpm, with the highest impact on availability. The connected sources c...
CVE-2021-3569
A stack corruption bug was found in libtpms in versions before 0.7.2 and before 0.8.0 while decrypting data using RSA. This flaw could result in a SIGBUS bad memory access and termination of swtpm. The highest threat from this vulnerability is to system availability...
libtpms 缓冲区错误漏洞
libtpms is an application. Library that provides software emulation of trusted platform modules TPM 1.2 and TPM 2.0. libtpms has a security vulnerability that stems from a stack corruption bug that could lead to SIGBUS bad memory access and termination of swtpm. No detailed vulnerability details...
CVE-2020-28407
A flaw was found in swtpm. This flaw allows an attacker to create a symbolic link with the name of the temporary file TMP2-00.permall for TPM 2 and have this point to a valuable file, which will get overwritten by swtpm. The success of the attack depends on the attacker having access to the TPM's...
Fedora 32 : swtpm (2020-c707fcb91f)
Another build of v0.5.1 after more fixes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...
Fedora 33 : swtpm (2020-00d28cf56b)
Another build of v0.5.1 after more fixes Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...
[SECURITY] Fedora 33 Update: swtpm-0.5.1-2.20201117git96f5a04.fc33
TPM emulator built on libtpms providing TPM functionality for QEMU VMs...
[SECURITY] Fedora 32 Update: swtpm-0.5.1-2.20201117git96f5a04.fc32
TPM emulator built on libtpms providing TPM functionality for QEMU VMs...
Stefanberger Swtpm Security Vulnerabilities
Stefanberger Swtpm is a Libtpms-based software emulator from the individual developer Stefanberger. The software supports features such as sockets, character devices and the Linux CUSE interface. A security vulnerability exists in Stefanberger Swtpm versions prior to 0.5.1, which stems from a...
Fedora: Security Advisory for swtpm (FEDORA-2020-c707fcb91f)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for swtpm (FEDORA-2020-00d28cf56b)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[ASA-202011-21] swtpm: privilege escalation
Arch Linux Security Advisory ASA-202011-21 ========================================== Severity: Medium Date : 2020-11-19 CVE-ID : CVE-2020-28407 Package : swtpm Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-1282 Summary ======= The package swtpm before version...
Fedora: Security Advisory for swtpm (FEDORA-2020-561c908a9a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...