Updated libtpms packages fix security vulnerability
Publication date: 18 Mar 2023Modification date: 18 Mar 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2023-1017 , CVE-2023-1018
Description
An out-of-bounds write vulnerability exists in TPM2.0's Module Library
allowing writing of a 2-byte data past the end of TPM2.0 command in the
CryptParameterDecryption routine. An attacker who can successfully exploit
this vulnerability can lead to denial of service (crashing the TPM
chip/process or rendering it unusable) and/or arbitrary code execution in
the TPM context. (CVE-2023-1017)
An out-of-bounds read vulnerability exists in TPM2.0's Module Library
allowing a 2-byte read past the end of a TPM2.0 command in the
CryptParameterDecryption routine. An attacker who can successfully exploit
this vulnerability can read or access sensitive data stored in the TPM.
(CVE-2023-1018)
References
- https://bugs.mageia.org/show_bug.cgi?id=31651
- https://ubuntu.com/security/notices/USN-5933-1
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4WEJNRD36D3EOCZVXKGPDSJXA35DPPSE/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1017
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1018
SRPMS
8/core
- libtpms-0.9.6-1.mga8