rpm package
suse/libtpms&distro=SUSE Linux Enterprise Micro 5.1
pkg:rpm/suse/libtpms&distro=SUSE%20Linux%20Enterprise%20Micro%205.1
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-1017 | — | < 0.8.2-150300.3.9.1 | 0.8.2-150300.3.9.1 | Feb 28, 2023 | An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the | ||
| CVE-2023-1018 | — | < 0.8.2-150300.3.9.1 | 0.8.2-150300.3.9.1 | Feb 28, 2023 | An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM. | ||
| CVE-2021-3623 | — | < 0.8.2-150300.3.6.1 | 0.8.2-150300.3.6.1 | Mar 2, 2022 | A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulner | ||
| CVE-2021-3746 | — | < 0.8.2-3.3.1 | 0.8.2-3.3.1 | Oct 19, 2021 | A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by specially-crafted TPM2 command packets that then trigger the issue when the state of the TPM2's volatile state is written. The highest threat from |
- CVE-2023-1017Feb 28, 2023affected < 0.8.2-150300.3.9.1fixed 0.8.2-150300.3.9.1
An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the
- CVE-2023-1018Feb 28, 2023affected < 0.8.2-150300.3.9.1fixed 0.8.2-150300.3.9.1
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.
- CVE-2021-3623Mar 2, 2022affected < 0.8.2-150300.3.6.1fixed 0.8.2-150300.3.6.1
A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulner
- CVE-2021-3746Oct 19, 2021affected < 0.8.2-3.3.1fixed 0.8.2-3.3.1
A flaw was found in the libtpms code that may cause access beyond the boundary of internal buffers. The vulnerability is triggered by specially-crafted TPM2 command packets that then trigger the issue when the state of the TPM2's volatile state is written. The highest threat from