Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-23645

Опубликовано: 18 фев. 2022
Источник: nvd
CVSS3: 6.2
CVSS3: 5.5
CVSS2: 2.1
EPSS Низкий

Описание

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state of the TPM is accessed. This will likely crash swtpm or prevent it from starting since the state cannot be understood. Users should upgrade to swtpm v0.5.3, v0.6.2, or v0.7.1 to receive a patch. There are currently no known workarounds.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:swtpm_project:swtpm:*:*:*:*:*:*:*:*
Версия до 0.5.3 (исключая)
cpe:2.3:a:swtpm_project:swtpm:*:*:*:*:*:*:*:*
Версия от 0.6.0 (включая) до 0.6.2 (исключая)
cpe:2.3:a:swtpm_project:swtpm:0.7.0:-:*:*:*:*:*:*
cpe:2.3:a:swtpm_project:swtpm:0.7.0:rc1:*:*:*:*:*:*
cpe:2.3:a:swtpm_project:swtpm:0.7.0:rc2:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

EPSS

Процентиль: 4%
0.0002
Низкий

6.2 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-125

Связанные уязвимости

ubuntu логотип

CVE-2022-23645

CVSS3: 6.2
ubuntu
больше 3 лет назад

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state of the TPM is accessed. This will likely crash swtpm or prevent it from starting since the state cannot be understood. Users should upgrade to swtpm v0.5.3, v0.6.2, or v0.7.1 to receive a patch. There are currently no known workarounds.

redhat логотип

CVE-2022-23645

CVSS3: 5.5
redhat
больше 3 лет назад

swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state of the TPM is accessed. This will likely crash swtpm or prevent it from starting since the state cannot be understood. Users should upgrade to swtpm v0.5.3, v0.6.2, or v0.7.1 to receive a patch. There are currently no known workarounds.

debian логотип

CVE-2022-23645

CVSS3: 6.2
debian
больше 3 лет назад

swtpm is a libtpms-based TPM emulator with socket, character device, a ...

suse-cvrf логотип

SUSE-SU-2022:1297-1

suse-cvrf
около 3 лет назад

Security update for swtpm

oracle-oval логотип

ELSA-2022-8100

oracle-oval
больше 2 лет назад

ELSA-2022-8100: swtpm security and bug fix update (LOW)

EPSS

Процентиль: 4%
0.0002
Низкий

6.2 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-125