Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in libtpms in versions before 0.8.0. The TPM 2 implementation returns 2048 bit keys with ~1984 bit strength due to a bug in the TCG specification. The bug is in the key creation algorithm in RsaAdjustPrimeCandidate(), which is called before the prime number check. The highest threat from this vulnerability is to data confidentiality.
CVSS Information
N/A
Vulnerability Type
信息熵不充分
Vulnerability Title
Archlinux libtpms 安全特征问题漏洞
Vulnerability Description
Archlinux libtpms是 Archlinux开源的一个应用程序。提供可信任平台模块(TPM 1.2和TPM 2.0)的软件仿真的库。 libtpms 0.8.0之前版本存在安全特征问题漏洞,该漏洞源于TCG规范中的一个错误,RsaAdjustPrimeCandidate()中的密钥创建算法在质数检查之前被调用。
CVSS Information
N/A
Vulnerability Type
N/A