diff options
author | Yi Zhao <yi.zhao@windriver.com> | 2021-07-07 11:23:38 +0800 |
---|---|---|
committer | Jia Zhang <zhang.jia@linux.alibaba.com> | 2021-07-07 14:26:45 +0800 |
commit | 0e8603b1eab73e94880075b406f609d1be0ce41c (patch) | |
tree | f194bf18ab8c12d3442973ccf4c9407cabc585a3 /meta-signing-key/recipes-devtools/sbsigntool/sbsigntool_git.bb | |
parent | ba04fbba711217e2a7c10270fe932146564f6229 (diff) | |
download | meta-secure-core-0e8603b1eab73e94880075b406f609d1be0ce41c.tar.gz |
tpm2-tools: fix CVE-2021-3565
CVE-2021-3565:
A flaw was found in tpm2-tools in versions before 5.1.1 and before
4.3.2. tpm2_import used a fixed AES key for the inner wrapper,
potentially allowing a MITM attacker to unwrap the inner portion and
reveal the key being imported. The highest threat from this
vulnerability is to data confidentiality.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2021-3565
Patch from:
https://github.com/tpm2-software/tpm2-tools/commit/c069e4f179d5e6653a84fb236816c375dca82515
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Diffstat (limited to 'meta-signing-key/recipes-devtools/sbsigntool/sbsigntool_git.bb')
0 files changed, 0 insertions, 0 deletions