rpm package
suse/tpm2.0-tools&distro=SUSE Linux Micro 6.0
pkg:rpm/suse/tpm2.0-tools&distro=SUSE%20Linux%20Micro%206.0
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-29040 | Med | 4.3 | < 5.7-1.1 | 5.7-1.1 | Jun 28, 2024 | This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure `TPMS_ATTEST`. For the field `TPM2_GENERATED magic` of this str | |
| CVE-2024-29039 | Cri | 9.0 | < 5.7-1.1 | 5.7-1.1 | Jun 28, 2024 | tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and ba | |
| CVE-2024-29038 | Med | 4.3 | < 5.7-1.1 | 5.7-1.1 | Jun 28, 2024 | tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7. |
- affected < 5.7-1.1fixed 5.7-1.1
This repository hosts source code implementing the Trusted Computing Group's (TCG) TPM2 Software Stack (TSS). The JSON Quote Info returned by Fapi_Quote has to be deserialized by Fapi_VerifyQuote to the TPM Structure `TPMS_ATTEST`. For the field `TPM2_GENERATED magic` of this str
- affected < 5.7-1.1fixed 5.7-1.1
tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and ba
- affected < 5.7-1.1fixed 5.7-1.1
tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7.