[Git][security-tracker-team/security-tracker][master] Add CVE-2021-3623/libtpms

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9c683b31 by Salvatore Bonaccorso at 2021-06-29T07:45:44+02:00
Add CVE-2021-3623/libtpms

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,8 +1,13 @@
 CVE-2021-3624 [buffer-overflow caused by integer-overflow in foveon_load_camf()]
 	RESERVED
 	- dcraw <unfixed> (bug #984761)
-CVE-2021-3623
+CVE-2021-3623 [out-of-bounds access when trying to resume the state of the vTPM]
 	RESERVED
+	- libtpms <unfixed>
+	NOTE: https://github.com/stefanberger/libtpms/pull/223
+	NOTE: https://github.com/stefanberger/libtpms/commit/2f30d620d3c053f20d38b54bf76ac0907821d263
+	NOTE: https://github.com/stefanberger/libtpms/commit/7981d9ad90a5043a05004e4ca7b46beab8ca7809
+	NOTE: https://github.com/stefanberger/libtpms/commit/2e6173c273ca14adb11386db4e47622552b1c00e
 CVE-2021-35525 (PostSRSd before 1.11 allows a denial of service (subprocess hang) if P ...)
 	- postsrsd <unfixed>
 	NOTE: https://bugs.gentoo.org/793674



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c683b317d099b67c4aff02385bd24f555c79728

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c683b317d099b67c4aff02385bd24f555c79728
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210629/89812adb/attachment.htm>