Tpm2 Software Stack Project Tpm2 Software Stack vulnerabilities
2 known vulnerabilities affecting tpm2_software_stack_project/tpm2_software_stack.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2023-22745MEDIUMCVSS 6.4fixed in 3.2.2≥ 4.0.0, < 4.1.02023-01-19
CVE-2023-22745 [MEDIUM] CWE-120 CVE-2023-22745: tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Plat
tpm2-tss is an open source software implementation of the Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack (TSS2). In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, `Tss2_RC_SetHandler` and `Tss2_RC_Decode` both index into `layer_handler` with an 8 bit layer number, but the array only has `TPM2_ERROR_TSS2_RC_LAYER_COU
nvd
CVE-2020-24455MEDIUMCVSS 6.7fixed in 2.4.3≥ 3.0.0, < 3.0.12021-02-26
CVE-2020-24455 [MEDIUM] CWE-909 CVE-2020-24455: Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially e
Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3.
nvd