tpm2-tools-4.1.1-5.el8
エラータID: AXSA:2021-2806:03
The tpm2-tools packages add a set of utilities for management and utilization of Trusted Platform Module (TPM) 2.0 devices from user space.
Security Fix(es):
* tpm2-tools: fixed AES wrapping key in tpm2_import (CVE-2021-3565)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2021-3565
A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality.
Update packages.
A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality.
N/A
SRPMS
- tpm2-tools-4.1.1-5.el8.src.rpm
MD5: 171dd68b60ece6938f55bbd392c0d7e4
SHA-256: 1ca88cd63cb688af1f40c86a292ab4e874bd2a346cf7c87a3a7f2e249cdf6a58
Size: 785.78 kB
Asianux Server 8 for x86_64
- tpm2-tools-4.1.1-5.el8.x86_64.rpm
MD5: e8b8a199dbd03c04d176ad961d5119de
SHA-256: a25e303e43bba9e2713001f8ff3ad1a1a03f9bd8ee15b27f00faea1d37264a6d
Size: 1.01 MB