Wind River Support Network

HomeDefectsLINCD-5555

Fixed

LINCD-5555 : Security Advisory - tpm2-tools - CVE-2021-3565

Created: May 26, 2021 Updated: Sep 13, 2022

Resolved Date: Jul 20, 2021

Found In Version: 10.20.6.0

Fix Version: 10.21.33.0

Severity: Standard

Applicable for: Wind River Linux CD

Component/s: Userspace

Description

tpm2-tools: during tpm2_import command invocation a fixed AES wrapping key is used

https://github.com/tpm2-software/tpm2-tools/commit/c069e4f179d5e6653a84fb236816c375dca82515

CREATE(Triage):(User=admin) CVE-2021-3565 (https://nvd.nist.gov/vuln/detail/CVE-2021-3565)

CVEs

CVE-2021-3565