tpm2-tools versions before 1.1.1 are vulnerable to a password leak (CVE-2017-7524): when generating an HMAC, the client transmits the password to the server in plaintext.
{ "vanir_signatures": [ { "id": "CVE-2017-7524-1f42cbea", "digest": { "threshold": 0.9, "line_hashes": [ "165864225263249160298319280978989806839", "101702199380195429949223049532959516637", "141398387035421838025360045102776212496", "132721162524462162173643398948651984234" ] }, "signature_type": "Line", "deprecated": false, "target": { "file": "lib/tpm_session.c" }, "signature_version": "v1", "source": "https://github.com/tpm2-software/tpm2-tools/commit/c5d72beaab1cbbbe68271f4bc4b6670d69985157" }, { "id": "CVE-2017-7524-3cac7233", "digest": { "threshold": 0.9, "line_hashes": [ "254586252204020286163600424772410460959", "267715276469804961707024732313449798564", "96209342137147007918334866542545933780", "61462436351685128351119306908089079458", "249744176489845957321532133817529584492", "68066838811563690508873151424193431321", "111944428770312424075453754359133097636", "188566356146727117938139796888122871583", "84668445536793509895015590991923055720", "148183876068730552352551967389787792190", "216241029137337205359845428063844105867", "122806264829506449325821273877331396630", "12174745508328002119354123855945056756", "223536653181776221487980163870075150186", "218877022496171811203553951950729292909", "322104216431582441745300674122233654616", "321497049247625440062764794916938818065", "262333223534320976532313262705224003952", "302219338243683415815112302177723028578", "36383495230595941201310710958013678540", "166060360615773013603255372358582010564", "81803750717646419168791928232866035052", "337436367418675556541557720125655000557", "312937810303866225698282412483986704070", "227831956309741836344402192911207704344", "240116388559135784296843901733927914121", "100342313955708255656104704729534435693", "65742153090328428692705369362083552683", "150648565365152317463668283419851598634", "125303902231802358198712180948070081994", "174266882102331260370959043858417549200", "64479693297646278223088120909540215723", "317073501528596307288881965344423040362" ] }, 
"signature_type": "Line", "deprecated": false, "target": { "file": "lib/tpm_kdfa.c" }, "signature_version": "v1", "source": "https://github.com/tpm2-software/tpm2-tools/commit/c5d72beaab1cbbbe68271f4bc4b6670d69985157" }, { "id": "CVE-2017-7524-b17f3e58", "digest": { "length": 1298.0, "function_hash": "180252340920317230498263520845147375598" }, "signature_type": "Function", "deprecated": false, "target": { "file": "lib/tpm_kdfa.c", "function": "tpm_kdfa" }, "signature_version": "v1", "source": "https://github.com/tpm2-software/tpm2-tools/commit/c5d72beaab1cbbbe68271f4bc4b6670d69985157" }, { "id": "CVE-2017-7524-f4c3c5f8", "digest": { "length": 1742.0, "function_hash": "174969441118826927661811734004315319098" }, "signature_type": "Function", "deprecated": false, "target": { "file": "lib/tpm_session.c", "function": "StartAuthSession" }, "signature_version": "v1", "source": "https://github.com/tpm2-software/tpm2-tools/commit/c5d72beaab1cbbbe68271f4bc4b6670d69985157" }, { "id": "CVE-2017-7524-f796da68", "digest": { "threshold": 0.9, "line_hashes": [ "79624650280437269435151798918185600825", "215818861346023275373037766164645113839", "255847061987680970923690854203156260329" ] }, "signature_type": "Line", "deprecated": false, "target": { "file": "lib/tpm_kdfa.h" }, "signature_version": "v1", "source": "https://github.com/tpm2-software/tpm2-tools/commit/c5d72beaab1cbbbe68271f4bc4b6670d69985157" } ] }