Your message dated Sun, 19 Feb 2023 05:04:00 +0000 with message-id <e1ptbrk-00btu0...@fasolo.debian.org> and subject line Bug#1029369: fixed in tpm2-tss 3.2.1-3 has caused the Debian Bug report #1029369, regarding tpm2-tss: CVE-2023-22745 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1029369: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029369 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: tpm2-tss Version: 3.2.1-2 Severity: normal Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Hi, The following vulnerability was published for tpm2-tss. CVE-2023-22745[0]: | tpm2-tss is an open source software implementation of the Trusted | Computing Group (TCG) Trusted Platform Module (TPM) 2 Software Stack | (TSS2). In affected versions `Tss2_RC_SetHandler` and `Tss2_RC_Decode` | both index into `layer_handler` with an 8 bit layer number, but the | array only has `TPM2_ERROR_TSS2_RC_LAYER_COUNT` entries, so trying to | add a handler for higher-numbered layers or decode a response code | with such a layer number reads/writes past the end of the buffer. This | Buffer overrun, could result in arbitrary code execution. An example | attack would be a MiTM bus attack that returns 0xFFFFFFFF for the RC. | Given the common use case of TPM modules an attacker must have local | access to the target machine with local system privileges which allows | access to the TPM system. Usually TPM access requires administrative | privilege. Given the context, usually TPM accessing already implying administrative privilege, I guess we can consider the security impact negligible or at least minor. Filling the bug mainly for tracking downstream the issue. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-22745 https://www.cve.org/CVERecord?id=CVE-2023-22745 [1] https://github.com/tpm2-software/tpm2-tss/commit/306490c8d848c367faa2d9df81f5e69dab46ffb5 [2] https://github.com/tpm2-software/tpm2-tss/security/advisories/GHSA-4j3v-fh23-vx67 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: tpm2-tss Source-Version: 3.2.1-3 Done: Ying-Chun Liu (PaulLiu) <paul...@debian.org> We believe that the bug you reported is fixed in the latest version of tpm2-tss, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1029...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ying-Chun Liu (PaulLiu) <paul...@debian.org> (supplier of updated tpm2-tss package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 19 Feb 2023 12:18:52 +0800 Source: tpm2-tss Architecture: source Version: 3.2.1-3 Distribution: unstable Urgency: low Maintainer: Mathieu Trudel-Lapierre <cypher...@ubuntu.com> Changed-By: Ying-Chun Liu (PaulLiu) <paul...@debian.org> Closes: 1029369 Changes: tpm2-tss (3.2.1-3) unstable; urgency=low . * Backport upstream commit 306490c8d848c367 - Fix CVE-2023-22745 (Closes: #1029369) Checksums-Sha1: e4d346fedb6e4ea2038e5f12eac211198792eff6 2940 tpm2-tss_3.2.1-3.dsc 991b6b4ba70bb0256c933fb996d4506808597205 17108 tpm2-tss_3.2.1-3.debian.tar.xz 1df198428b50f97969a3ef75bcc752c153c033bf 7837 tpm2-tss_3.2.1-3_source.buildinfo Checksums-Sha256: 878d496e96fb79c19f950649e9a15552dc4fdab8f4ffb64140c2f7209be577e2 2940 tpm2-tss_3.2.1-3.dsc f9fa77bd23c93bbed3152805f4662d91dbb08afe2cc65440f3c326efd697900d 17108 tpm2-tss_3.2.1-3.debian.tar.xz 3adf7a8b0d062fa461830dc5c06ea432b8eef29c470b563ae3ded253ca635e71 7837 tpm2-tss_3.2.1-3_source.buildinfo Files: f1e344efaa4e053087295eec1caff9f2 2940 libs optional tpm2-tss_3.2.1-3.dsc 002de84fac56439ada544b6809bd1d1a 17108 libs optional tpm2-tss_3.2.1-3.debian.tar.xz 5c5899e2c88189cf82beefb4363b1f9f 7837 libs optional tpm2-tss_3.2.1-3_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJHBAEBCgAxFiEEo2h49GQQhoFgDLZIRBc/oT0FiIgFAmPxqmkTHHBhdWxsaXVA ZGViaWFuLm9yZwAKCRBEFz+hPQWIiBMYD/9V7D5vai3RJhIdBrOXKL1yd6sYfPRI 8RQmICeJWPgZKMc67qmNK9HhYR+Wdohsg+nGijPJ4xUe2j8/llPotZxZtnM6EmkW WI+6xnyDrBbOa7EsIjIOtZdgZIwJd8sfu0OuDwhhz9GauJEuVNkmELXm8XGnFqK7 W4wieDC442VDw8k6Ew6H4OV8Jmac446yiJzguOrBpDMnECCHTHkZtF1JNzDqwk4Y dFDc78scsTooOlhgDsfh9jc+dyrb7rlwUamcbQGI/NrX16zxVddH1t2aQbaGtVRF J8BzpMLDn1rAq/Awoldj5tMOzskEPTt0bQImIy1Cs+vqcbW3HaXfND/L1UbeI4B+ mTHuBchBYp5b/kiPjYDoqxUp3IFAeYCxAh0EALUgx0B4+vVOtBCJysuTynw+qVKf v36REwWdPusOWiRyNpEF1s3tkep7rdjgIdJDFxsY9xyPR1UdSJf2nqQyvTIf3G22 +Sb8t5B++uWfsoUsIFrL91hO5jNussFDKMS9vI+KCH/OVHxNSR1DyrtpCs/GUt1t IET+hYjjs+nvmWv5az40XROGzFW7t4xIv41nZhvwe3iJvv4Bj1cbe1QqoYX9IwVb /m/X1tX5mbo3Pw5nuqf+cpm9/kdcp3okuWYOLrM5J127q/BUw6niPgBIFRvqV175 8mW8wu/U7YIAYA== =KpSk -----END PGP SIGNATURE-----
--- End Message ---
