tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a misleading picture of the TPM state. This issue has been patched in version 5.7.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 02 Oct 2025 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Tpm2-tools Project
Tpm2-tools Project tpm2-tools
CPEs cpe:2.3:a:tpm2-tools_project:tpm2-tools:*:*:*:*:*:*:*:*
Vendors & Products Tpm2-tools Project
Tpm2-tools Project tpm2-tools

Wed, 13 Nov 2024 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat enterprise Linux
CPEs cpe:/a:redhat:enterprise_linux:9
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2024-08-02T01:03:51.670Z

Reserved: 2024-03-14T16:59:47.613Z

Link: CVE-2024-29039

cve-icon Vulnrichment

Updated: 2024-06-28T19:50:20.319Z

cve-icon NVD

Status : Analyzed

Published: 2024-06-28T16:15:03.777

Modified: 2025-10-02T14:15:24.910

Link: CVE-2024-29039

cve-icon Redhat

Severity : Low

Publid Date: 2024-04-30T00:00:00Z

Links: CVE-2024-29039 - Bugzilla

cve-icon OpenCVE Enrichment

No data.