The package contains the code for the TPM (Trusted Platform Module) 2.0 tools based on tpm2-tss.
Security Fix(es):
tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by tpm2 checkquote
. This issue was patched in version 5.7.(CVE-2024-29038)
tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a misleading picture of the TPM state. This issue has been patched in version 5.7.(CVE-2024-29039)
{ "severity": "Medium" }
{ "noarch": [ "tpm2-tools-help-5.0-5.oe2003sp4.noarch.rpm" ], "src": [ "tpm2-tools-5.0-5.oe2003sp4.src.rpm" ], "x86_64": [ "tpm2-tools-5.0-5.oe2003sp4.x86_64.rpm", "tpm2-tools-debuginfo-5.0-5.oe2003sp4.x86_64.rpm", "tpm2-tools-debugsource-5.0-5.oe2003sp4.x86_64.rpm" ], "aarch64": [ "tpm2-tools-5.0-5.oe2003sp4.aarch64.rpm", "tpm2-tools-debuginfo-5.0-5.oe2003sp4.aarch64.rpm", "tpm2-tools-debugsource-5.0-5.oe2003sp4.aarch64.rpm" ] }