Updated tpm2-tools packages fixes security vulnerabilities
Publication date: 09 May 2024Modification date: 09 May 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2024-29038 , CVE-2024-29039
Description
A flaw was found in the tpm2-tools package. This issue occurs due to a
missing check whether the magic number in attest is equal to
TPM2_GENERATED_VALUE, which can allow an attacker to generate arbitrary
quote data that may not be detected by tpm2_checkquote (CVE-2024-29038).
The pcr selection which is passed with the --pcr parameter is not
compared with the attest. So it is possible to fake a valid attestation
(CVE-2024-29039).
A vulnerability classified as problematic was found in tpm2-tools. This
vulnerability affects an unknown code of the file
tools/misc/tpm2_checkquote.c of the component pcr Selection Value
Handler. The manipulation with an unknown input leads to a comparison
vulnerability. The product compares two entities in a security-relevant
context, but the comparison is incorrect, which may lead to resultant
weaknesses.
References
- https://bugs.mageia.org/show_bug.cgi?id=33175
- https://bugzilla.redhat.com/show_bug.cgi?id=2278071
- https://vuldb.com/?id.262756
- https://bugzilla.redhat.com/show_bug.cgi?id=2278075
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29038
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-29039
SRPMS
9/core
- tpm2-tools-5.5.1-1.mga9