Описание
ELSA-2021-4413: tpm2-tools security and enhancement update (MODERATE)
[4.1.1-5]
- Bump nvr to trigger osci. resolves: rhbz#1965981
[4.1.1-4]
- Fix CVE-2021-3565 resolves: rhbz#1965981
[4.1.1-3]
- Fix resource leak.
- Fix to restrict policy digest size.
- Fix incompatible pointer cast.
- Fix error message in files_load_##name
- Fix issue where execution couldnt reach function return. resolves: rhbz#1920821
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
tpm2-tools
4.1.1-5.el8
Oracle Linux x86_64
tpm2-tools
4.1.1-5.el8
Связанные CVE
Связанные уязвимости
A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality.
A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality.
A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality.
A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3 ...