See https://github.com/advisories/GHSA-cr8w-xxqw-fm2m. An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM. This is CVE-2023-1018.
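The bug class named above is a size-prefixed field parsed without first checking that the prefix itself lies inside the command buffer. The following is an added, constructed illustration of that pattern and its bounds-checked counterpart; it is not libtpms code and does not reproduce CryptParameterDecryption. The cursor type, the demo functions and the 0xAB 0xCD "stale" bytes are all invented for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed example (not libtpms code). A TPM2B-style parameter is a
 * 2-byte big-endian size followed by `size` payload bytes. The parser is
 * handed only the unparsed remainder of the current command: buf/len. */
typedef struct {
    const uint8_t *buf;
    size_t len;
} cmd_cursor_t;

/* The pattern behind the bug class: the size prefix is read without first
 * checking that 2 bytes remain, so a command that ends right before the
 * prefix is read 2 bytes past its end. Returns whatever size it found. */
static uint16_t read_size_unchecked(cmd_cursor_t *c) {
    uint16_t s = (uint16_t)((c->buf[0] << 8) | c->buf[1]);
    c->buf += 2;
    c->len -= 2;            /* wraps around when len < 2 */
    return s;
}

/* Hardened form: both the 2-byte prefix and the payload it announces must
 * fit inside the command before either is touched.
 * Returns the payload size on success, -1 on a malformed command. */
static int read_tpm2b_checked(cmd_cursor_t *c, const uint8_t **data) {
    if (c->len < 2)
        return -1;          /* prefix would run past the command */
    uint16_t s = (uint16_t)((c->buf[0] << 8) | c->buf[1]);
    c->buf += 2;
    c->len -= 2;
    if (c->len < s)
        return -1;          /* payload would run past the command */
    *data = c->buf;
    c->buf += s;
    c->len -= s;
    return (int)s;
}

/* Backing storage is deliberately larger than the logical command so the
 * unchecked read stays inside the array in this demo, yet it still returns
 * the two bytes that sit after the command (constructed "stale" data). */
int demo_unchecked_reads_past_command(void) {
    uint8_t backing[8] = { 0x80, 0x01, 0x00, 0x0a, 0xAB, 0xCD, 0x00, 0x00 };
    cmd_cursor_t c = { backing + 4, 0 };  /* command ends before the prefix */
    return read_size_unchecked(&c);       /* 0xABCD: bytes past the command */
}

int demo_checked_rejects_truncated(void) {
    uint8_t backing[8] = { 0x80, 0x01, 0x00, 0x0a, 0xAB, 0xCD, 0x00, 0x00 };
    cmd_cursor_t c = { backing + 4, 0 };
    const uint8_t *data = NULL;
    return read_tpm2b_checked(&c, &data);  /* -1 */
}

int demo_checked_rejects_oversized_payload(void) {
    uint8_t cmd[] = { 0x00, 0x05, 'a', 'b', 'c' };  /* claims 5, has 3 */
    cmd_cursor_t c = { cmd, sizeof cmd };
    const uint8_t *data = NULL;
    return read_tpm2b_checked(&c, &data);  /* -1 */
}

int demo_checked_accepts_wellformed(void) {
    uint8_t cmd[] = { 0x00, 0x03, 'a', 'b', 'c' };
    cmd_cursor_t c = { cmd, sizeof cmd };
    const uint8_t *data = NULL;
    return read_tpm2b_checked(&c, &data);  /* 3 */
}

int main(void) {
    printf("unchecked size read from truncated command: 0x%04x\n",
           demo_unchecked_reads_past_command());
    printf("checked, truncated:  %d\n", demo_checked_rejects_truncated());
    printf("checked, oversized:  %d\n", demo_checked_rejects_oversized_payload());
    printf("checked, wellformed: %d\n", demo_checked_accepts_wellformed());
    return 0;
}
```

The two checks in read_tpm2b_checked are the ones that matter: the first guards the prefix read, the second guards the payload, and each compares against the bytes actually remaining in the command rather than trusting the declared size.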
Thanks! CVE-2023-1017 too, right? https://github.com/advisories/GHSA-c6qh-28m2-rfvf
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=23a58fcc488cbf098048cc82d65461c05ef629c0

commit 23a58fcc488cbf098048cc82d65461c05ef629c0
Author:     Christopher Byrne <salah.coronya@gmail.com>
AuthorDate: 2023-02-28 23:52:26 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-03-11 17:15:00 +0000

    dev-libs/libtpms: add 0.9.6

    Bug: https://bugs.gentoo.org/898504
    Signed-off-by: Christopher Byrne <salah.coronya@gmail.com>
    Closes: https://github.com/gentoo/gentoo/pull/29913
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-libs/libtpms/Manifest             |  1 +
 dev-libs/libtpms/libtpms-0.9.6.ebuild | 48 +++++++++++++++++++++++++++++++++++
 dev-libs/libtpms/metadata.xml         |  3 +++
 3 files changed, 52 insertions(+)
Thanks!
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ecb866a1c0c6d1136257f3d4abb1d45638d15480

commit ecb866a1c0c6d1136257f3d4abb1d45638d15480
Author:     John Helmert III <ajak@gentoo.org>
AuthorDate: 2023-04-19 04:28:45 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2023-04-19 04:28:45 +0000

    dev-libs/libtpms: drop 0.9.4, 0.9.5

    Bug: https://bugs.gentoo.org/898504
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 dev-libs/libtpms/Manifest             |  2 --
 dev-libs/libtpms/libtpms-0.9.4.ebuild | 47 ----------------------------------
 dev-libs/libtpms/libtpms-0.9.5.ebuild | 48 -----------------------------------
 3 files changed, 97 deletions(-)