High severity7.8NVD Advisory· Published Nov 16, 2017· Updated Jun 17, 2026
CVE-2017-16837
CVE-2017-16837
Description
Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module (TPM) by hooking these function pointers.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- cpe:2.3:a:trusted_boot_project:trusted_boot:1.9.6:*:*:*:*:*:*:*
- Range: <=1.9.6
- osv-coords5 versionspkg:rpm/opensuse/tboot&distro=openSUSE%20Tumbleweedpkg:rpm/suse/tboot&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/tboot&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/tboot&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/tboot&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
< 20210614_1.10.2-2.2+ 4 more
- (no CPE)range: < 20210614_1.10.2-2.2
- (no CPE)range: < 20160518_1.9.4-7.5.1
- (no CPE)range: < 20160518_1.9.4-7.5.1
- (no CPE)range: < 20160518_1.9.4-7.5.1
- (no CPE)range: < 20160518_1.9.4-7.5.1
Patches
Vulnerability mechanics
References
2- sourceforge.net/p/tboot/code/ci/521c58e51eb5be105a29983742850e72c44ed80e/nvdIssue TrackingPatchThird Party Advisory
- www.usenix.org/conference/usenixsecurity18/presentation/hannvd
News mentions
0No linked articles in our index yet.