Advisories » MGASA-2024-0170

Updated tpm2-tools packages fixes security vulnerabilities

Publication date: 09 May 2024
Modification date: 09 May 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-29038 , CVE-2024-29039

Description

A flaw was found in the tpm2-tools package. This issue occurs due to a
missing check whether the magic number in attest is equal to
TPM2_GENERATED_VALUE, which can allow an attacker to generate arbitrary
quote data that may not be detected by tpm2_checkquote (CVE-2024-29038).
The pcr selection which is passed with the --pcr parameter is not
compared with the attest. So it is possible to fake a valid attestation
(CVE-2024-29039).
A vulnerability classified as problematic was found in tpm2-tools. This
vulnerability affects an unknown code of the file
tools/misc/tpm2_checkquote.c of the component pcr Selection Value
Handler. The manipulation with an unknown input leads to a comparison
vulnerability. The product compares two entities in a security-relevant
context, but the comparison is incorrect, which may lead to resultant
weaknesses.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33175
• https://bugzilla.redhat.com/show_bug.cgi?id=2278071
• https://vuldb.com/?id.262756
• https://bugzilla.redhat.com/show_bug.cgi?id=2278075
• https://www.cve.org/CVERecord?id=CVE-2024-29038
• https://www.cve.org/CVERecord?id=CVE-2024-29039

SRPMS

9/core

• tpm2-tools-5.5.1-1.mga9