Lucene search
RedHatRHSA-2024:4739HistoryJul 23, 2024 - 2:47 p.m.
(RHSA-2024:4739) Moderate: tpm2-tss security update
2024-07-2314:47:20
access.redhat.com
10
tpm2-tss
buffer overflow
moderate severity
security update
intel
tpm 2.0
cve-2023-22745
CVSS3
6.4
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
6.8
Confidence
Low
EPSS
0.001
Percentile
18.4%
The tpm2-tss packages provide the Intel implementation of the Trusted Platform Module (TPM) 2.0 System API library. This library enables programs to interact with TPM 2.0 devices
Security Fix(es):
- tpm2-tss: Buffer Overlow in TSS2_RC_Decode (CVE-2023-22745)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | aarch64 | tpm2-tss | < 2.3.2-5.el8_8 | tpm2-tss-2.3.2-5.el8_8.aarch64.rpm |
| RedHat | 8 | ppc64le | tpm2-tss-debugsource | < 2.3.2-5.el8_8 | tpm2-tss-debugsource-2.3.2-5.el8_8.ppc64le.rpm |
| RedHat | 8 | x86_64 | tpm2-tss | < 2.3.2-5.el8_8 | tpm2-tss-2.3.2-5.el8_8.x86_64.rpm |
| RedHat | 8 | aarch64 | tpm2-tss-debugsource | < 2.3.2-5.el8_8 | tpm2-tss-debugsource-2.3.2-5.el8_8.aarch64.rpm |
| RedHat | 8 | i686 | tpm2-tss | < 2.3.2-5.el8_8 | tpm2-tss-2.3.2-5.el8_8.i686.rpm |
| RedHat | 8 | i686 | tpm2-tss-debugsource | < 2.3.2-5.el8_8 | tpm2-tss-debugsource-2.3.2-5.el8_8.i686.rpm |
| RedHat | 8 | s390x | tpm2-tss-devel | < 2.3.2-5.el8_8 | tpm2-tss-devel-2.3.2-5.el8_8.s390x.rpm |
| RedHat | 8 | ppc64le | tpm2-tss-devel | < 2.3.2-5.el8_8 | tpm2-tss-devel-2.3.2-5.el8_8.ppc64le.rpm |
| RedHat | 8 | s390x | tpm2-tss | < 2.3.2-5.el8_8 | tpm2-tss-2.3.2-5.el8_8.s390x.rpm |
| RedHat | 8 | x86_64 | tpm2-tss-devel | < 2.3.2-5.el8_8 | tpm2-tss-devel-2.3.2-5.el8_8.x86_64.rpm |
Related
nessus
nessus
Amazon Linux 2023 : tpm2-tss, tpm2-tss-devel (ALAS2023-2023-110)
2023-03-21 00:00:00
EulerOS 2.0 SP10 : tpm2-tss (EulerOS-SA-2023-1987)
2023-05-18 00:00:00
CentOS 8 : tpm2-tss (CESA-2023:7166)
2023-11-14 00:00:00
prion
prion
Buffer overflow
2023-01-19 23:15:00
openvas
openvas
Huawei EulerOS: Security Advisory for tpm2-tss (EulerOS-SA-2023-1773)
2023-05-08 00:00:00
Huawei EulerOS: Security Advisory for tpm2-tss (EulerOS-SA-2023-2062)
2023-06-07 00:00:00
Huawei EulerOS: Security Advisory for tpm2-tss (EulerOS-SA-2023-2178)
2023-06-09 00:00:00
almalinux
almalinux
Low: tpm2-tss security and enhancement update
2023-11-07 00:00:00
Low: tpm2-tss security and enhancement update
2023-11-14 00:00:00
cvelist
cvelist
CVE-2023-22745 Buffer Overlow in TSS2_RC_Decode in tpm2-tss
2023-01-19 22:12:40
cbl_mariner
cbl_mariner
CVE-2023-22745 affecting package tpm2-tss 2.4.6-1
2023-02-14 02:35:58
CVE-2023-22745 affecting package tpm2-tss for versions less than 2.4.6-2
2023-02-24 01:54:46
ubuntucve
ubuntucve
CVE-2023-22745
2023-01-19 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: tpm2-tss-3.2.2-1.fc36
2023-02-17 01:33:55
[SECURITY] Fedora 37 Update: tpm2-tss-3.2.2-1.fc37
2023-02-09 09:14:38
[SECURITY] Fedora 36 Update: tpm2-tools-5.4-1.fc36
2023-02-17 01:33:53
osv
osv
Low: tpm2-tss security and enhancement update
2023-11-14 00:00:00
CVE-2023-22745
2023-01-19 23:15:26
Low: tpm2-tss security and enhancement update
2023-11-07 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in tpm2-tss library (CVE-2023-22745) affects Power HMC.
2024-09-10 15:20:52
Security Bulletin: Multiple security vulnerabilities affect IBM Robotic Process Automation for Cloud Pak.
2024-01-16 19:45:47
Security Bulletin: Multiple Vulnerabilities in CloudPak for AIOps
2024-02-28 17:18:09
redhat
redhat
(RHSA-2023:7166) Low: tpm2-tss security and enhancement update
2023-11-14 08:46:50
(RHSA-2023:6685) Low: tpm2-tss security and enhancement update
2023-11-07 06:11:56
(RHSA-2024:4408) Moderate: tpm2-tss security update
2024-07-09 08:31:14
nvd
nvd
CVE-2023-22745
2023-01-19 23:15:26
oraclelinux
oraclelinux
tpm2-tss security and enhancement update
2023-11-17 00:00:00
tpm2-tss security and enhancement update
2023-11-11 00:00:00
cve
cve
CVE-2023-22745
2023-01-19 23:15:26
redhatcve
redhatcve
CVE-2023-22745
2023-01-20 07:34:59
debiancve
debiancve
CVE-2023-22745
2023-01-19 23:15:26
mageia
mageia
Updated tpm2-tss packages fix security vulnerability
2023-02-15 01:43:23
ubuntu
ubuntu
TPM2 Software Stack vulnerabilities
2024-05-29 00:00:00
redos
redos
ROS-20240611-02
2024-06-11 00:00:00
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
CVSS3
6.4
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
6.8
Confidence
Low
EPSS
0.001
Percentile
18.4%
Related for RHSA-2024:4739