Tpm2-Software Tpm2-Tools vulnerabilities
2 known vulnerabilities affecting tpm2-software/tpm2-tools.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1LOW1
Vulnerabilities
Page 1 of 1
CVE-2024-29039HIGHCVSS 8.1fixed in 5.72024-06-28
CVE-2024-29039 [HIGH] CWE-807 CVE-2024-29039: tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability all
tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a misleading picture of the TPM state. This issue has been
nvd
CVE-2024-29038LOWCVSS 3.3v>= 4.1-rc0, < 5.72024-06-28
CVE-2024-29038 [LOW] CWE-1283 CVE-2024-29038: tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious atta
tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7.
nvd