Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module (TPM) by hooking these function pointers.
References
Link | Resource |
---|---|
https://sourceforge.net/p/tboot/code/ci/521c58e51eb5be105a29983742850e72c44ed80e/ | Issue Tracking Patch Third Party Advisory |
https://www.usenix.org/conference/usenixsecurity18/presentation/han |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-11-16T02:00:00
Updated: 2018-08-17T17:57:01
Reserved: 2017-11-15T00:00:00
Link: CVE-2017-16837
JSON object: View
NVD Information
Status : Modified
Published: 2017-11-16T02:29:05.490
Modified: 2018-08-17T18:29:00.257
Link: CVE-2017-16837
JSON object: View
Redhat Information
No data.
CWE