rpm package
suse/libtpms&distro=SUSE Linux Enterprise Module for Server Applications 15 SP4
pkg:rpm/suse/libtpms&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP4
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-1017 | — | < 0.8.2-150300.3.9.1 | 0.8.2-150300.3.9.1 | Feb 28, 2023 | An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the | ||
| CVE-2023-1018 | — | < 0.8.2-150300.3.9.1 | 0.8.2-150300.3.9.1 | Feb 28, 2023 | An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM. | ||
| CVE-2021-3623 | — | < 0.8.2-150300.3.6.1 | 0.8.2-150300.3.6.1 | Mar 2, 2022 | A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulner |
- CVE-2023-1017Feb 28, 2023affected < 0.8.2-150300.3.9.1fixed 0.8.2-150300.3.9.1
An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the
- CVE-2023-1018Feb 28, 2023affected < 0.8.2-150300.3.9.1fixed 0.8.2-150300.3.9.1
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.
- CVE-2021-3623Mar 2, 2022affected < 0.8.2-150300.3.6.1fixed 0.8.2-150300.3.6.1
A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulner