Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
tpm2 does not detect if quote was not generated by TPM
Vulnerability Description
tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Vulnerability Type
CWE-1283
Vulnerability Title
tpm2-tools 安全漏洞
Vulnerability Description
tpm2-tools是一个源代码库。 tpm2-tools 4.1-rc0及之前版本存在安全漏洞,该漏洞源于攻击者可以生成tpm2 checkquote导致无法检测到的任意引用数据。
CVSS Information
N/A
Vulnerability Type
N/A