Wind River Support Network

HomeDefectsLIN1021-355
Fixed

LIN1021-355 : Security Advisory - tpm2-tools - CVE-2021-3565

Created: May 26, 2021    Updated: Aug 24, 2021
Resolved Date: Jul 20, 2021
Found In Version: 10.21.20.1
Fix Version: 10.21.20.3
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

tpm2-tools: during tpm2_import command invocation a fixed AES wrapping key is used

https://github.com/tpm2-software/tpm2-tools/commit/c069e4f179d5e6653a84fb236816c375dca82515

CREATE(Triage):(User=admin) [CVE-2021-3565|https://nvd.nist.gov/vuln/detail/CVE-2021-3565]

CVEs


Live chat
Online