subject:"\[yocto\] \[PATCH\] tpm2\-tools\: fix CVE\-2024\-29039"

Re: [yocto] [PATCH] tpm2-tools: fix CVE-2024-29039

2024-08-27 Thread Soumya via lists.yoctoproject.org

yocto@lists.yoctoproject.org Subject: [yocto] [PATCH] tpm2-tools: fix CVE-2024-29039 From: Divya Chellam tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file

[yocto] [PATCH] tpm2-tools: fix CVE-2024-29039

2024-08-27 Thread dchellam via lists.yoctoproject.org

From: Divya Chellam tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and