2 matches found
CVE-2022-23645
Swtpm vulnerability CVE-2022-23645 affects libtpms-based TPM emulator swtpm prior to v0.5.3, v0.6.2, and v0.7.1. A specially crafted state header where blobheader hdrsize is invalid can trigger an out-of-bounds read when accessing the TPM state byte array, likely crashing swtpm or preventing it f...
CVE-2020-28407
CVE-2020-28407 affects the TPM emulator product swtpm (versions before 0.4.2 and 0.5.x before 0.5.1). A local attacker can overwrite arbitrary files via a symlink attack against a temporary file (e.g., TMP2-00.permall). The issue is achievable with local access and does not require user interacti...