Описание
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | not-affected | 0.9.3-0ubuntu2 |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | released | 0.9.3-0ubuntu1.22.04.1 |
| kinetic | released | 0.9.3-0ubuntu1.22.10.1 |
| trusty | ignored | end of standard support |
| upstream | released | 0.9.6 |
| xenial | ignored | end of standard support |
Показывать по
Ссылки на источники
5.5 Medium
CVSS3
Связанные уязвимости
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.
CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability
An out-of-bounds read vulnerability exists in TPM2.0's Module Library ...
An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.
5.5 Medium
CVSS3