N/A

The Trusted Platform Modules (TPM) reference software may not properly track the number of times a failed shutdown happens. This can leave the TPM in a state where confidential key material in the TPM may be able to be compromised. AMD believes that the attack requires physical access of the device because the power must be repeatedly turned on and off. This potential attack may be used to change confidential information, alter executables signed by key material in the TPM, or create a denial of service of the device.

N/A

检查时间与使用时间(TOCTOU)的竞争条件

Trusted Platform Modules 访问控制错误漏洞

AMD Trusted Platform Modules是美国AMD公司的一款符合TMP标准的安全芯片。该芯片可有效保护PC、防止非法用户登录。 Trusted Platform Modules (TPM)存在访问控制错误漏洞，该漏洞源于无法正确跟踪失败关机发生的次数。攻击者可利用该漏洞更改机密信息，修改由TPM中的关键材料签署的可执行文件，或创建拒绝服务的设备。

N/A

N/A