CVE-2024-29038

MEDIUM Year: 2024
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-1283
View all →

Vulnerability Description

tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7.

Related Vulnerabilities

CVE-2022-1740

MEDIUM
CVSS:4.6(Medium)

The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An a...

CWE-12832022

CVE-2023-3674

LOW
CVSS:2.8(Low)

A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only e...

CWE-12832023

CVE-2022-1740

MEDIUM
CVSS:4.6(Medium)

The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An a...

CWE-12832022

CVE-2023-3674

LOW
CVSS:2.8(Low)

A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only e...

CWE-12832023