CVE-2025-7844

CVE-2025-7844 affects wolfTPM (wolfSSL) via wolfTPM2_RsaKey_TpmToWolf: exporting an RSA key >2048 bits from a TPM can overflow a fixed-size stack buffer when MAX_RSA_KEY_BITS is 2048. Root cause: copying external data to a stack buffer without length validation. If MAX_RSA_KEY_BITS matches the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the tpm module not using kvalloc to allocate memory in eventlog/acpi.c. The vulnerability is caused by the u...

DEBIAN-CVE-2022-49287

In the Linux kernel, the following vulnerability has been resolved: tpm: fix reference counting for struct tpmchip The following sequence of operations results in a refcount warning: 1. Open device /dev/tpmrm. 2. Remove module tpmtisspi. 3. Write a TPM command to the file descriptor opened at ste...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the tpmtisspi module not considering SPI headers when allocating TPMSPIxfer buffers...

EulerOS Virtualization 2.9.1 : tpm2-tss (EulerOS-SA-2023-2008)

According to the versions of the tpm2-tss package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Sta...

SUSE CVE-2023-1017

An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service crashing the TPM chip/process ...