1. Ubuntu Security Notices
  2. USN-6796-1

USN-6796-1: TPM2 Software Stack vulnerabilities

Publication date

29 May 2024

Overview

Several security issues were fixed in TPM2 Software Stack.

Releases

Packages

  • tpm2-tss - TPM2 Software Stack library

Details

Fergus Dall discovered that TPM2 Software Stack did not properly handle
layer arrays. An attacker could possibly use this issue to cause
TPM2 Software Stack to crash, resulting in a denial of service, or
possibly execute arbitrary code.
(CVE-2023-22745)

Jurgen Repp and Andreas Fuchs discovered that TPM2 Software Stack did not
validate the quote data after deserialization. An attacker could generate
an arbitrary quote and cause TPM2 Software Stack to have unknown behavior.
(CVE-2024-29040)

Fergus Dall discovered that TPM2 Software Stack did not properly handle
layer arrays. An attacker could possibly use this issue to cause
TPM2 Software Stack to crash, resulting in a denial of service, or
possibly execute arbitrary code.
(CVE-2023-22745)

Jurgen Repp and Andreas Fuchs discovered that TPM2 Software Stack did not
validate the quote data after deserialization. An attacker could generate
an arbitrary quote and cause TPM2 Software Stack to have unknown behavior.
(CVE-2024-29040)

Update instructions

In general, a standard system update will make all the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
24.04 noble libtss2-esys-3.0.2-0t64 –  4.0.1-7.1ubuntu5.1
libtss2-fapi1t64 –  4.0.1-7.1ubuntu5.1
libtss2-mu-4.0.1-0t64 –  4.0.1-7.1ubuntu5.1
libtss2-policy0t64 –  4.0.1-7.1ubuntu5.1
libtss2-rc0t64 –  4.0.1-7.1ubuntu5.1
libtss2-sys1t64 –  4.0.1-7.1ubuntu5.1
libtss2-tcti-cmd0t64 –  4.0.1-7.1ubuntu5.1
libtss2-tcti-device0t64 –  4.0.1-7.1ubuntu5.1
libtss2-tcti-libtpms0t64 –  4.0.1-7.1ubuntu5.1
libtss2-tcti-mssim0t64 –  4.0.1-7.1ubuntu5.1
libtss2-tcti-pcap0t64 –  4.0.1-7.1ubuntu5.1
libtss2-tcti-spi-helper0t64 –  4.0.1-7.1ubuntu5.1
libtss2-tcti-swtpm0t64 –  4.0.1-7.1ubuntu5.1
libtss2-tctildr0t64 –  4.0.1-7.1ubuntu5.1
23.10 mantic libtss2-esys-3.0.2-0 –  4.0.1-3ubuntu1.1
libtss2-fapi1 –  4.0.1-3ubuntu1.1
libtss2-mu0 –  4.0.1-3ubuntu1.1
libtss2-policy0 –  4.0.1-3ubuntu1.1
libtss2-rc0 –  4.0.1-3ubuntu1.1
libtss2-sys1 –  4.0.1-3ubuntu1.1
libtss2-tcti-cmd0 –  4.0.1-3ubuntu1.1
libtss2-tcti-device0 –  4.0.1-3ubuntu1.1
libtss2-tcti-libtpms0 –  4.0.1-3ubuntu1.1
libtss2-tcti-mssim0 –  4.0.1-3ubuntu1.1
libtss2-tcti-pcap0 –  4.0.1-3ubuntu1.1
libtss2-tcti-spi-helper0 –  4.0.1-3ubuntu1.1
libtss2-tcti-swtpm0 –  4.0.1-3ubuntu1.1
libtss2-tctildr0 –  4.0.1-3ubuntu1.1
22.04 jammy libtss2-esys-3.0.2-0 –  3.2.0-1ubuntu1.1
libtss2-fapi1 –  3.2.0-1ubuntu1.1
libtss2-mu0 –  3.2.0-1ubuntu1.1
libtss2-rc0 –  3.2.0-1ubuntu1.1
libtss2-sys1 –  3.2.0-1ubuntu1.1
libtss2-tcti-cmd0 –  3.2.0-1ubuntu1.1
libtss2-tcti-device0 –  3.2.0-1ubuntu1.1
libtss2-tcti-mssim0 –  3.2.0-1ubuntu1.1
libtss2-tcti-swtpm0 –  3.2.0-1ubuntu1.1
libtss2-tctildr0 –  3.2.0-1ubuntu1.1
20.04 focal libtss2-esys0 –  2.3.2-1ubuntu0.20.04.2

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

Have additional questions?

Talk to a member of the team ›