Vulnerability & Exploit Database

Back to search

SUSE: CVE-2017-16837: SUSE Linux Security Advisory

Severity CVSS Published Added Modified
5 (AV:L/AC:L/Au:N/C:P/I:P/A:P) November 15, 2017 November 24, 2017 January 26, 2018

Description

Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module (TPM) by hooking these function pointers.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

suse-upgrade-tboot