USN-5933-1: Libtpms vulnerabilities
7 March 2023
Several security issues were fixed in Libtpms.
- libtpms - TPM emulation library
Francisco Falcon discovered that Libtpms did not properly manage memory
when performing certain cryptographic operations. An attacker could
possibly use this issue to cause a denial of service, or possibly execute
arbitrary code. (CVE-2023-1017, CVE-2023-1018)
It was discovered that Libtpms did not properly manage memory when
handling certain commands. An attacker could possibly use this issue
to cause a denial of service.
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart any application
using Libtpms libraries to make all the necessary changes.