Trusted Platform Module (TPMs) 2.0 reference library specification, which may lead to information disclosure and privilege escalation.
one of the vulnerabilities CVE-2023-1017for out-of-bounds writes, and the other for CVE-2023-1018, described as an out-of-range read. It was his Quarkslab, a cybersecurity company, that discovered and reported the issue in November 2022.
According to the Trusted Computing Group (TCG), “These vulnerabilities could be triggered from a user-mode application by sending malicious commands to a TPM 2.0 whose firmware is based on the affected TCG reference implementation. There is.” Said in advisory.
Large technology vendors, enterprise computers, servers, IoT devices, and organizations with embedded systems containing TPMs may be affected by this flaw. Quarkslab I got itadded that it “could affect billions of devices.”
A TPM is a hardware-based solution (that is, a cryptographic processor) designed to provide secure cryptographic functions and physical security mechanisms to prevent tampering.
“The most common TPM features are used to measure system integrity and to create and use keys.” Microsoft To tell in that document. “During the system boot process, the loaded boot code (including firmware and operating system components) can be measured and recorded in the TPM.”
“The integrity measurements can be used as evidence of how the system booted, confirming that TPM-based keys were used only when the correct software was used to boot the system.”
The TCG Consortium noted that this shortcoming is a result of the lack of the required length check, resulting in a buffer overflow that could pave the way for local information disclosure or privilege escalation. .
the user is apply the update Released by TCG and other vendors to address defects and reduce supply chain risk.
The CERT Coordination Center (CERT/CC) states, “Users of high-assurance computing environments should consider using TPM remote authentication to detect changes to their devices and ensure that the TPM is tamper-proof. is needed. Said in alert.