{"containers": {"cna": {"affected": [{"product": "TPM2 source", "vendor": "n/a", "versions": [{"status": "affected", "version": "before 3.01, before 2.4.3"}]}], "descriptions": [{"lang": "en", "value": "Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3."}], "problemTypes": [{"descriptions": [{"description": "escalation of privilege", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-07-07T09:06:37", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902167"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/2.4.3"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/3.0.1"}, {"name": "FEDORA-2021-fa78f3ca9f", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KPOENCMJU4DMT3BDNUBRK25B3DJ47UO/"}, {"name": "GLSA-202107-10", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202107-10"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24455", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "TPM2 source", "version": {"version_data": [{"version_value": "before 3.01, before 2.4.3"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "escalation of privilege"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1902167", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902167"}, {"name": "https://github.com/tpm2-software/tpm2-tss/releases/tag/2.4.3", "refsource": "CONFIRM", "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/2.4.3"}, {"name": "https://github.com/tpm2-software/tpm2-tss/releases/tag/3.0.1", "refsource": "CONFIRM", "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/3.0.1"}, {"name": "FEDORA-2021-fa78f3ca9f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KPOENCMJU4DMT3BDNUBRK25B3DJ47UO/"}, {"name": "GLSA-202107-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202107-10"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T15:12:09.085Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902167"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/2.4.3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/3.0.1"}, {"name": "FEDORA-2021-fa78f3ca9f", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KPOENCMJU4DMT3BDNUBRK25B3DJ47UO/"}, {"name": "GLSA-202107-10", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202107-10"}]}]}, "cveMetadata": {"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24455", "datePublished": "2021-02-26T02:55:50", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:09.085Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tpm2_software_stack_project:tpm2_software_stack:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8AAC7D7-B4CB-44F3-80E4-BF25738A1BE7", "versionEndExcluding": "2.4.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tpm2_software_stack_project:tpm2_software_stack:*:*:*:*:*:*:*:*", "matchCriteriaId": "191ABF55-E210-4BA4-880C-7D8EE0FEF9FC", "versionEndExcluding": "3.0.1", "versionStartIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3."}, {"lang": "es", "value": "Una falta de inicializaci\u00f3n de una variable en la fuente de TPM2 puede permitir a un usuario privilegiado habilitar potencialmente una escalada de privilegios por medio del acceso local. Esto afecta a tpm2-tss versiones anteriores a 3.0.1 y versiones anteriores a 2.4.3"}], "id": "CVE-2020-24455", "lastModified": "2024-11-21T05:14:51.427", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-02-26T03:15:12.213", "references": [{"source": "secure@intel.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902167"}, {"source": "secure@intel.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/2.4.3"}, {"source": "secure@intel.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/3.0.1"}, {"source": "secure@intel.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KPOENCMJU4DMT3BDNUBRK25B3DJ47UO/"}, {"source": "secure@intel.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202107-10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902167"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/2.4.3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/3.0.1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KPOENCMJU4DMT3BDNUBRK25B3DJ47UO/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202107-10"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-909"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "tpm2-tss: FAPI PolicyPCR not instatiating correctly", "id": "1902167", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902167"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-456", "details": ["Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3.", "The tpm2-tss package introduced an implementation of TCG Feature API (FAPI) from v2.4.0. While instantiating TPM policy via FAPI, TPM's Platform Configuration Register (PCR) are used to compute policy digest. While reading PCR values via 'ifapi_read_pcr' routine, a PCR list counter was not set which can lead to an incorrect policy instantiation. This may potentially lead to a DoS scenario."], "name": "CVE-2020-24455", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "tpm2-tss", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "tpm2-tss", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2020-10-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-24455\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-24455\nhttps://github.com/tpm2-software/tpm2-tss/pull/1857/commits/ba62a713d0aab39ac5975b7778e17274186b9464"], "threat_severity": "Low", "upstream_fix": "tpm2-tss 2.4.3"}