535 matches found

RedHat Linux
added 2026/06/24 1:39 a.m. | 10 views

keylime: Keylime: Security bypass due to hardcoded TPM quote nonce

A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module (TPM) quote attestation instead of a...

CVSS 6.3 | AI score 5.8 | EPSS 0.00121
Exploits: 0 | References: 4

RedHat Linux
added 2026/06/24 1:39 a.m. | 7 views

Moderate: Red Hat Security Advisory: keylime security update

An update for keylime is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 6.3 | AI score 6 | EPSS 0.00121
Exploits: 0 | References: 2

AstraLinux
added 2026/06/19 11:10 a.m. | 7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: tpm: Limit the number of PCR banks. The function tpm2_get_pcr_allocation() does not impose any upper limit on the number of banks. The limit is set to eight banks, so values that exceed this limit from external I/O cause only limite...

CVSS 5.5 | AI score 5.4 | EPSS 0.00123
Exploits: 0 | References: 1

AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tpm: fixed reference counting for struct tpm_chip. The following sequence of operations results in a refcount warning: 1. Open the device /dev/tpmrm. 2. Remove the module tpm_tis_spi. 3. Write a TPM command to the file descriptor...

CVSS 7.8 | AI score 5.6 | EPSS 0.00274
Exploits: 0 | References: 2

AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerability in edk2

A BIOS bug in the firmware of a specific PC model leaves the Platform authorization value empty. This can be used to permanently brick the TPM in multiple ways, as well as to non-permanently cause damage to the system’s performance...

CVSS 7.8 | AI score 6.3 | EPSS 0.01165
Exploits: 0 | References: 2

AstraLinux
added 2026/06/19 11:10 a.m. | 2 views

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tpm: In tpm_crb, add acpi_put_table() to fix a memory leak. In crb_acpi_add(), we obtain the TPM2 table to retrieve information such as the start method, and then assign those values to private data. Therefore, the TPM2 table is not used...

CVSS 5.5 | AI score 5.3 | EPSS 0.00146
Exploits: 0 | References: 2

AstraLinux
added 2026/06/19 11:10 a.m. | 5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

A flaw was discovered in the Linux kernel’s implementation of proxied virtualized TPM devices. In a system where virtualized TPM devices are enabled (which is not the default setting), a local attacker can exploit this flaw to create a “use-after-free” condition, potentially allowing them to escala...

CVSS 7.8 | AI score 6.7 | EPSS 0.00233
Exploits: 0 | References: 2

AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: tpm: use try_get_ops() in tpm-space.c. As part of the series of changes to remove nested TPM operations: https://lore.kernel.org/all/[email protected]/ The exposure of the chip->tpm_mutex was removed...

CVSS 4.7 | AI score 5.6 | EPSS 0.00219
Exploits: 0 | References: 2

AstraLinux
added 2026/06/19 11:10 a.m. | 5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tpm: Do not start the chip while it is suspended. Checking TPM_CHIP_FLAG_SUSPENDED after the call to tpm_find_get_ops() can lead to a spurious tpm_chip_start() call: 35985.503771 i2c i2c-1: Transfer while suspended 35985.503796 WARNING: CPU:...

CVSS 5.5 | AI score 6.2 | EPSS 0.0016
Exploits: 0 | References: 2

CVE
added 2026/06/12 10:0 a.m. | 18 views

CVE-2026-9266

CVE-2026-9266 affects Moxa’s embedded Linux firmware for industrial computers and controllers. The issue is a Missing Required Cryptographic Step, an incomplete remediation of CVE-2026-0714, where TPM2 parameter encryption is undermined by an omission in the authorization session configuration. A...

CVSS 7 | AI score 5.2 | EPSS 0.0007
Exploits: 0 | References: 1

EUVD
added 2026/06/12 10:0 a.m. | 7 views

EUVD-2026-36411

A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure again...

CVSS 7 | AI score 5.1 | EPSS 0.00115
Exploits: 0 | References: 1

Vulnrichment
added 2026/06/12 10:0 a.m. | 6 views

CVE-2026-9266

A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure again...

CVSS 7 | AI score 5.2 | EPSS 0.0007
Exploits: 0 | References: 1

Positive Technologies
added 2026/06/12 12:0 a.m. | 11 views

PT-2026-48857

A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remediation of CVE-2026-0714. The firmware introduced TPM2 parameter encryption as a countermeasure again...

CVSS 7 | AI score 5.2 | EPSS 0.0007
Exploits: 0 | References: 2

OSV
added 2026/06/11 4:55 p.m. | 4 views

MGASA-2026-0197 Updated gnupg2 packages fix security vulnerabilities

CVE-2025-68973, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. CVE-2026-24882, a stack-based buffer overflow exists in tpm2daemon during handling of the PKDECRYPT command for TPM-backed RSA and ECC key...

CVSS 8.4 | AI score 7.3 | EPSS 0.00447
Exploits: 2 | References: 6

RedhatCVE
added 2026/06/08 7:54 p.m. | 9 views

CVE-2026-46283

A flaw was found in the Linux kernel's Trusted Platform Module (TPM) driver. This vulnerability arises from the driver's failure to securely clear sensitive cryptographic material, such as session keys and passphrases, from memory when a TPM device is released. A local attacker could potentially...

CVSS 5.5 | AI score 5.4 | EPSS 0.00168
Exploits: 0 | References: 4

OSV
added 2026/06/08 5:16 p.m. | 6 views

UBUNTU-CVE-2026-46283

In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfree_sensitive() to free auth session in tpm_dev_release(). tpm_dev_release() uses plain kfree() to free chip->auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...

AI score 5.4 | EPSS 0.00168
Exploits: 0 | References: 7

Cvelist
added 2026/06/08 3:41 p.m. | 38 views

CVE-2026-46283 tpm: Use kfree_sensitive() to free auth session in tpm_dev_release()

In the Linux kernel, the following vulnerability has been resolved: tpm: Use kfree_sensitive() to free auth session in tpm_dev_release(). tpm_dev_release() uses plain kfree() to free chip->auth, which contains sensitive cryptographic material including HMAC session keys, nonces, and passphrase data struct...

EPSS 0.00168
Exploits: 0 | References: 4

CVE
added 2026/06/08 3:41 p.m. | 19 views

CVE-2026-46283

The CVE concerns the Linux kernel TPM driver: tpm_dev_release() frees the chip->auth structure with plain kfree(), leaving sensitive material (HMAC session keys, nonces, passphrase data) in freed memory. Other code paths scrub before free via kfree_sensitive(), so this path risks leaking sensi...

AI score 5.5 | EPSS 0.00168
Exploits: 0 | References: 4

Fedora
added 2026/06/07 1:7 a.m. | 14 views

[SECURITY] Fedora 43 Update: keylime-7.14.2-1.fc43

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...

CVSS 6.3 | AI score 5.5 | EPSS 0.00121
Exploits: 0

Fedora
added 2026/06/07 12:57 a.m. | 15 views

[SECURITY] Fedora 44 Update: keylime-7.14.2-1.fc44

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...

CVSS 6.3 | AI score 5.5 | EPSS 0.00121
Exploits: 0