Latest Vulnerabilities and Exploits



CVE ID:

CVE-2021-3565

Details:

A flaw was found in tpm2-tools in versions before 5.1.1 and before 4.3.2. tpm2_import used a fixed AES key for the inner wrapper, potentially allowing a MITM attacker to unwrap the inner portion and reveal the key being imported. The highest threat from this vulnerability is to data confidentiality.

References:

:https://bugzilla.redhat.com/show_bug.cgi?id=1964427
:https://bugzilla.redhat.com/show_bug.cgi?id=1964427