USN-6796-1
- Source
- https://ubuntu.com/security/notices/USN-6796-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6796-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-6796-1
- Related
- Published
- 2024-05-29T13:21:53.808488Z
- Modified
- 2024-05-29T13:21:53.808488Z
- Summary
- tpm2-tss vulnerabilities
- Details
-
Fergus Dall discovered that TPM2 Software Stack did not properly handle layer arrays. An attacker could possibly use this issue to cause TPM2 Software Stack to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-22745)
Jurgen Repp and Andreas Fuchs discovered that TPM2 Software Stack did not validate the quote data after deserialization. An attacker could generate an arbitrary quote and cause TPM2 Software Stack to have unknown behavior. (CVE-2024-29040)
- References
Affected packages
Ubuntu:20.04:LTS / tpm2-tss
Package
- Name
- tpm2-tss
- Purl
- pkg:deb/ubuntu/tpm2-tss@2.3.2-1ubuntu0.20.04.2?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.3.2-1ubuntu0.20.04.2
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libtss2-dev",
"binary_version": "2.3.2-1ubuntu0.20.04.2"
},
{
"binary_name": "libtss2-esys0",
"binary_version": "2.3.2-1ubuntu0.20.04.2"
},
{
"binary_name": "libtss2-esys0-dbgsym",
"binary_version": "2.3.2-1ubuntu0.20.04.2"
}
]
}
Ubuntu:22.04:LTS / tpm2-tss
Package
- Name
- tpm2-tss
- Purl
- pkg:deb/ubuntu/tpm2-tss@3.2.0-1ubuntu1.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.2.0-1ubuntu1.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libtss2-dev",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-esys-3.0.2-0",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-esys-3.0.2-0-dbgsym",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-fapi1",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-fapi1-dbgsym",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-mu0",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-mu0-dbgsym",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-rc0",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-rc0-dbgsym",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-sys1",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-sys1-dbgsym",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-tcti-cmd0",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-tcti-cmd0-dbgsym",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-tcti-device0",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-tcti-device0-dbgsym",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-tcti-mssim0",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-tcti-mssim0-dbgsym",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-tcti-swtpm0",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-tcti-swtpm0-dbgsym",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-tctildr0",
"binary_version": "3.2.0-1ubuntu1.1"
},
{
"binary_name": "libtss2-tctildr0-dbgsym",
"binary_version": "3.2.0-1ubuntu1.1"
}
]
}
Ubuntu:24.04:LTS / tpm2-tss
Package
- Name
- tpm2-tss
- Purl
- pkg:deb/ubuntu/tpm2-tss@4.0.1-7.1ubuntu5.1?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.0.1-7.1ubuntu5.1
Affected versions
4.*
4.0.1-3ubuntu1
4.0.1-6ubuntu1
4.0.1-7ubuntu1
4.0.1-7.1ubuntu4
4.0.1-7.1ubuntu5
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "libtss2-dev",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-doc",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-esys-3.0.2-0t64",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-esys-3.0.2-0t64-dbgsym",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-fapi1t64",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-fapi1t64-dbgsym",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-mu-4.0.1-0t64",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-mu-4.0.1-0t64-dbgsym",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-policy0t64",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-policy0t64-dbgsym",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-rc0t64",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-rc0t64-dbgsym",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-sys1t64",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-sys1t64-dbgsym",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tcti-cmd0t64",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tcti-cmd0t64-dbgsym",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tcti-device0t64",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tcti-device0t64-dbgsym",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tcti-libtpms0t64",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tcti-libtpms0t64-dbgsym",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tcti-mssim0t64",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tcti-mssim0t64-dbgsym",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tcti-pcap0t64",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tcti-pcap0t64-dbgsym",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tcti-spi-helper0t64",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tcti-spi-helper0t64-dbgsym",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tcti-swtpm0t64",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tcti-swtpm0t64-dbgsym",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tctildr0t64",
"binary_version": "4.0.1-7.1ubuntu5.1"
},
{
"binary_name": "libtss2-tctildr0t64-dbgsym",
"binary_version": "4.0.1-7.1ubuntu5.1"
}
]
}