Description
ELSA-2022-9240: libtpms security update (IMPORTANT)
libtpms [0.8.8-1.el7]
- spec: Update spec file to version 0.8.8
- Fri Sep 17 2021 Stefan Berger - 0.8.7-1
- tpm2: Fixes for building and running with OpenSSL 3.0
- Fri Sep 10 2021 Stefan Berger - 0.8.6-1
- tpm2: Marshal event sequence objects' hash state
- Wed Sep 01 2021 Stefan Berger - 0.8.5-1
- tpm2: NVMarshal: Handle index orderly RAM without 0-sized terminating node
- tpm2: Initialize a whole OBJECT before using it
- Wed Jun 23 2021 Stefan Berger - 0.8.4-1
- tpm2: Reset too large size indicators in TPM2B to avoid access beyond buffer
- Tue Jun 01 2021 Stefan Berger - 0.8.3-1
- tpm2: Work-around for Windows 2016 & 2019 bug related to ContextLoad
swtpm [0.3.4-5.el7]
- swtpm: Check header size indicator against expected size (CID 375869) (Stefan Berger) [Orabug: 33876933] {CVE-2022-23645}
Updated packages
Oracle Linux 7
Oracle Linux x86_64
libtpms 0.8.8-1.el7
libtpms-devel 0.8.8-1.el7
swtpm 0.3.4-5.el7
swtpm-devel 0.3.4-5.el7
swtpm-libs 0.3.4-5.el7
swtpm-tools 0.3.4-5.el7
Related CVEs
Related vulnerabilities
A flaw was found in libtpms. The flaw can be triggered by specially-crafted TPM 2 command packets containing illegal values and may lead to an out-of-bounds access when the volatile state of the TPM 2 is marshalled/written or unmarshalled/read. The highest threat from this vulnerability is to system availability.
swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state of the TPM is accessed. This will likely crash swtpm or prevent it from starting since the state cannot be understood. Users should upgrade to swtpm v0.5.3, v0.6.2, or v0.7.1 to receive a patch. There are currently no known workarounds.
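The check named in the swtpm changelog entry above (header size indicator against expected size), as an added example that is not swtpm's own code. The header layout, the HDR_SIZE value, the meaning of totlen, and all function and sample names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed, simplified layout (big-endian fields), not swtpm's definition:
 * version(1) min_version(1) hdrsize(2) flags(2) totlen(4), then payload. */
#define HDR_SIZE 10u
enum blob_status { BLOB_OK = 0, BLOB_TRUNCATED = -1,
                   BLOB_BAD_HDRSIZE = -2, BLOB_BAD_TOTLEN = -3 };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/*
 * Locate the payload that follows the header. A parser that trusts the
 * indicator computes buf + hdrsize and len - hdrsize directly; with
 * hdrsize > len the pointer lies past the buffer and the length wraps.
 */
enum blob_status blob_payload(const uint8_t *buf, size_t len,
                              const uint8_t **payload, size_t *payload_len)
{
    if (len < HDR_SIZE)
        return BLOB_TRUNCATED;      /* header itself is not fully present */
    uint16_t hdrsize = be16(buf + 2);
    uint32_t totlen = be32(buf + 6);
    if (hdrsize != HDR_SIZE)
        return BLOB_BAD_HDRSIZE;    /* indicator must equal the expected size */
    if (totlen != len)
        return BLOB_BAD_TOTLEN;     /* assumed: totlen covers header + payload */
    *payload = buf + hdrsize;
    *payload_len = len - hdrsize;
    return BLOB_OK;
}

/* Constructed sample: well-formed header followed by a 4-byte payload. */
const uint8_t sample_ok[14] = {
    2, 1, 0x00, 0x0a, 0, 0, 0, 0, 0, 14, 0xde, 0xad, 0xbe, 0xef };
/* Constructed sample: same blob with an invalid hdrsize indicator. */
const uint8_t sample_bad[14] = {
    2, 1, 0xff, 0xff, 0, 0, 0, 0, 0, 14, 0xde, 0xad, 0xbe, 0xef };

int main(void) {
    const uint8_t *p; size_t n;
    printf("ok=%d bad=%d\n", blob_payload(sample_ok, sizeof sample_ok, &p, &n),
           blob_payload(sample_bad, sizeof sample_bad, &p, &n));
    return 0;
}
```

Rejecting the blob before any offset is derived from hdrsize turns the malformed state file into a clean load error rather than an out-of-bounds access.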