CVE-2020-24455 - OpenCVE

Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Tpm2 Software Stack Project	Tpm2 Software Stack
Fedoraproject	Fedora

Configuration 1 [-]

OR	cpe:2.3:a:tpm2_software_stack_project:tpm2_software_stack::::::::
	cpe:2.3:a:tpm2_software_stack_project:tpm2_software_stack::::::::

Configuration 2 [-]

cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=1902167	Issue Tracking Patch Third Party Advisory
https://github.com/tpm2-software/tpm2-tss/releases/tag/2.4.3	Release Notes Third Party Advisory
https://github.com/tpm2-software/tpm2-tss/releases/tag/3.0.1	Release Notes Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KPOENCMJU4DMT3BDNUBRK25B3DJ47UO/
https://security.gentoo.org/glsa/202107-10	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: intel

Published: 2021-02-26T02:55:50

Updated: 2021-07-07T09:06:37

Reserved: 2020-08-19T00:00:00

Link: CVE-2020-24455

JSON object: View

NVD Information

Status : Modified

Published: 2021-02-26T03:15:12.213

Modified: 2023-11-07T03:19:54.037

Link: CVE-2020-24455

JSON object: View

Redhat Information

No data.

CWE

CWE-909

{"containers": {"cna": {"affected": [{"product": "TPM2 source", "vendor": "n/a", "versions": [{"status": "affected", "version": "before 3.01, before 2.4.3"}]}], "descriptions": [{"lang": "en", "value": "Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3."}], "problemTypes": [{"descriptions": [{"description": "escalation of privilege", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-07-07T09:06:37", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902167"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/2.4.3"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/3.0.1"}, {"name": "FEDORA-2021-fa78f3ca9f", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KPOENCMJU4DMT3BDNUBRK25B3DJ47UO/"}, {"name": "GLSA-202107-10", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202107-10"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24455", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "TPM2 source", "version": {"version_data": [{"version_value": "before 3.01, before 2.4.3"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "escalation of privilege"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1902167", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902167"}, {"name": "https://github.com/tpm2-software/tpm2-tss/releases/tag/2.4.3", "refsource": "CONFIRM", "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/2.4.3"}, {"name": "https://github.com/tpm2-software/tpm2-tss/releases/tag/3.0.1", "refsource": "CONFIRM", "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/3.0.1"}, {"name": "FEDORA-2021-fa78f3ca9f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KPOENCMJU4DMT3BDNUBRK25B3DJ47UO/"}, {"name": "GLSA-202107-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202107-10"}]}}}}, "cveMetadata": {"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24455", "datePublished": "2021-02-26T02:55:50", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2021-07-07T09:06:37", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tpm2_software_stack_project:tpm2_software_stack:*:*:*:*:*:*:*:*", "matchCriteriaId": "D8AAC7D7-B4CB-44F3-80E4-BF25738A1BE7", "versionEndExcluding": "2.4.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:tpm2_software_stack_project:tpm2_software_stack:*:*:*:*:*:*:*:*", "matchCriteriaId": "191ABF55-E210-4BA4-880C-7D8EE0FEF9FC", "versionEndExcluding": "3.0.1", "versionStartIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3."}, {"lang": "es", "value": "Una falta de inicializaci\u00f3n de una variable en la fuente de TPM2 puede permitir a un usuario privilegiado habilitar potencialmente una escalada de privilegios por medio del acceso local. Esto afecta a tpm2-tss versiones anteriores a 3.0.1 y versiones anteriores a 2.4.3"}], "id": "CVE-2020-24455", "lastModified": "2023-11-07T03:19:54.037", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-02-26T03:15:12.213", "references": [{"source": "secure@intel.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902167"}, {"source": "secure@intel.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/2.4.3"}, {"source": "secure@intel.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/tpm2-software/tpm2-tss/releases/tag/3.0.1"}, {"source": "secure@intel.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KPOENCMJU4DMT3BDNUBRK25B3DJ47UO/"}, {"source": "secure@intel.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202107-10"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-909"}], "source": "nvd@nist.gov", "type": "Primary"}]}