Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Out-of-bounds read in swtpm
Vulnerability Description
swtpm is a libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. Versions prior to 0.5.3, 0.6.2, and 0.7.1 are vulnerable to out-of-bounds read. A specially crafted header of swtpm's state, where the blobheader's hdrsize indicator has an invalid value, may cause an out-of-bounds access when the byte array representing the state of the TPM is accessed. This will likely crash swtpm or prevent it from starting since the state cannot be understood. Users should upgrade to swtpm v0.5.3, v0.6.2, or v0.7.1 to receive a patch. There are currently no known workarounds.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
跨界内存读
Vulnerability Title
Stefanberger Swtpm 缓冲区错误漏洞
Vulnerability Description
Stefanberger Swtpm是Stefanberger个人开发者的一个基于Libtpms的软件模拟器。该软件支持套接字,字符设备和Linux CUSE接口等功能。 Stefanberger Swtpm 0.5.3之前版本, 0.6.2之前版本, 和0.7.1之前版本存在缓冲区错误漏洞,攻击者可利用该漏洞通过精心编制的swtpm状态标头(blobheader的hdrsize指示符具有无效值)导致越界访问,引起系统崩溃或阻止其启动。
CVSS Information
N/A
Vulnerability Type
N/A