Fedora 40 update for tpm2-tools, tpm2-tss



Risk Low
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2024-29040
CVE-2024-29038
CVE-2024-29039
CWE-ID CWE-345
CWE-1283
CWE-807
Exploitation vector Local
Public exploit N/A
Vulnerable software
 Fedora
Operating systems & Components / Operating system

tpm2-tss
Operating systems & Components / Operating system package or component

tpm2-tools
Operating systems & Components / Operating system package or component

Vendor Fedoraproject

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Insufficient verification of data authenticity

EUVDB-ID: #VU89838

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-29040

CWE-ID: CWE-345 - Insufficient Verification of Data Authenticity

Exploit availability: No

Description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to missing checks for the magic number. A local user can generate arbitrary quote data, which may not be detected by Fapi_VerifyQuote.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Fedora: 40

tpm2-tss: before 4.1.0-1.fc40

tpm2-tools: before 5.7-1.fc40

CPE2.3 External links

https://bodhi.fedoraproject.org/updates/FEDORA-2024-0c9d3b51d4


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Mutable Attestation or Measurement Reporting Data

EUVDB-ID: #VU96646

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-29038

CWE-ID: CWE-1283 - Mutable Attestation or Measurement Reporting Data

Exploit availability: No

Description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to improper input validation. A local user can generate arbitrary quote data which is not detected by tpm2 checkquote and gain access to sensitive information.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Fedora: 40

tpm2-tss: before 4.1.0-1.fc40

tpm2-tools: before 5.7-1.fc40

CPE2.3 External links

https://bodhi.fedoraproject.org/updates/FEDORA-2024-0c9d3b51d4


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Reliance on Untrusted Inputs in a Security Decision

EUVDB-ID: #VU96645

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-29039

CWE-ID: CWE-807 - Reliance on Untrusted Inputs in a Security Decision

Exploit availability: No

Description

The vulnerability allows a local user to manipulate the TMP state.

The vulnerability exists due to insufficient validation of PCR input. A local user can alter TPML_PCR_SELECTION and manipulate the TMP state.

Mitigation

Install updates from vendor's repository.

Vulnerable software versions

Fedora: 40

tpm2-tss: before 4.1.0-1.fc40

tpm2-tools: before 5.7-1.fc40

CPE2.3 External links

https://bodhi.fedoraproject.org/updates/FEDORA-2024-0c9d3b51d4


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###