VYPR

rpm package

almalinux/tpm2-tools

pkg:rpm/almalinux/tpm2-tools

Vulnerabilities (3)

  • CVE-2024-29039Jun 28, 2024
    affected < 5.2-4.el9fixed 5.2-4.el9

    tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and ba

  • CVE-2024-29038Jun 28, 2024
    affected < 5.2-4.el9fixed 5.2-4.el9

    tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7.

  • CVE-2021-3565Jun 4, 2021
    affected < 4.1.1-5.el8fixed 4.1.1-5.el8

    A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to d