Debian Swtpm vulnerabilities
2 known vulnerabilities affecting debian/swtpm.
Total CVEs: 2
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: MEDIUM 1, LOW 1
Vulnerabilities
CVE-2022-23645 | MEDIUM | CVSS 6.2 | fixed in swtpm 0.7.1-1 (bookworm) | 2022
swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state of the T
debian
CVE-2020-28407 | LOW | CVSS 7.1 | 2020
CVE-2020-28407 [HIGH] CVE-2020-28407: swtpm - In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to ov...
In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.
Scope: local
bookworm: resolved
forky: resolved
sid: resolved
trixie: resolved
debian