Back to directory
WRITEUP #1406

Vulnerabilities in the TPM 2.0 reference implementation code

OtherMemory corruptionOut-of-bounds ReadOut-of-bounds Write
by@fdfalcon(Francisco Falcon)
Bounty
20,000
Program
MicrosoftVMwareGoogleIBMLenovoQemuNuvotonTrusted Computing GroupSTMicroelectronicsAruba NetworksCERT/CClibtpms
Published
Mar 14, 2023
Added to HackDex
Mar 15, 2023
Read Full Writeuphttps://blog.quarkslab.com/vulnerabilities-in-the-tpm-20-reference-implementation-code.html
RELATED WRITEUPS
Vulnerabilities in NodeJS C/C++ add-on extensions
OtherMemory corruption
Ghost In The Ppl Part 1: Byovdll
OtherUse-After-Free
Part 2: From Byovdll To Arbitrary Code Execution In Lsass
OtherUse-After-Free
Ghost in the PPL Part 3: LSASS Memory Dump
OtherUse-After-Free
CVE-2024-37079:
OtherInteger underflow

Built with ❤️ by Shubham Rawat