Back to bug 1902167
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Dhananjay Arunesh | 2020-11-27 08:11:49 UTC | Blocks | 1902168 | |
| Dhananjay Arunesh | 2020-11-27 08:12:17 UTC | Summary | CVE-2020-24455 tpm2-tss: FAPI policy is created to lock against the "current" value of the PCR | CVE-2020-24455 tpm2-tss: FAPI PolicyPCR not instatiating correctly |
| Doran Moppert | 2020-12-16 07:34:05 UTC | CC | core-kernel-mgr, fmartine, jsnitsel, pbrobinson, yunying.sun | |
| Doran Moppert | 2020-12-16 07:34:30 UTC | Depends On | 1908235 | |
| Peter Robinson | 2020-12-16 08:48:13 UTC | Status | NEW | CLOSED |
| Resolution | --- | CURRENTRELEASE | ||
| Last Closed | 2020-12-16 08:48:13 UTC | |||
| Prasad Pandit | 2020-12-24 12:00:34 UTC | Fixed In Version | tpm2-tss 2.4.3,3.0.1 | |
| Doc Text | tpm2-tss introduced an implementation of TCG Feature API (FAPI) from v2.4.0. While instantiating TPM policy via FAPI, TPM's Platform Configuration Register (PCR) are used to compute policy digest. While reading PCR values via 'ifapi_read_pcr' routine, a PCR list counter was not set, which led to an incorrect policy instantiation. This may potentially lead to a DoS scenario. | |||
| Prasad Pandit | 2020-12-24 12:01:21 UTC | Fixed In Version | tpm2-tss 2.4.3,3.0.1 | tpm2-tss 2.4.3 |
| Eric Christensen | 2021-09-28 17:00:11 UTC | Doc Text | tpm2-tss introduced an implementation of TCG Feature API (FAPI) from v2.4.0. While instantiating TPM policy via FAPI, TPM's Platform Configuration Register (PCR) are used to compute policy digest. While reading PCR values via 'ifapi_read_pcr' routine, a PCR list counter was not set, which led to an incorrect policy instantiation. This may potentially lead to a DoS scenario. | The tpm2-tss package introduced an implementation of TCG Feature API (FAPI) from v2.4.0. While instantiating TPM policy via FAPI, TPM's Platform Configuration Register (PCR) are used to compute policy digest. While reading PCR values via 'ifapi_read_pcr' routine, a PCR list counter was not set which can lead to an incorrect policy instantiation. This may potentially lead to a DoS scenario. |
| Rafael Aquini | 2023-08-08 02:55:13 UTC | CC | core-kernel-mgr | core-kernel-mgr |
Back to bug 1902167