发布于3月6日3月6日 Members Red Hat: CVE-2024-29038: tpm2-tools: arbitrary quote data may go undetected by tpm2_checkquote (Multiple Advisories) Severity 3 CVSS (AV:L/AC:L/Au:S/C:P/I:P/A:N) Published 06/28/2024 Created 11/14/2024 Added 11/13/2024 Modified 11/13/2024 Description tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7. Solution(s) redhat-upgrade-tpm2-tools redhat-upgrade-tpm2-tools-debuginfo redhat-upgrade-tpm2-tools-debugsource References CVE-2024-29038 RHSA-2024:9424
