SecuritySpace - CVE-2023-1017

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2023-1017

Description: An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2023-1017
CERT/CC Advisory VU#782720
https://kb.cert.org/vuls/id/782720
TCG Security Advisories
https://trustedcomputinggroup.org/about/security/
TCG TPM2.0 Errata Version 1.4
https://trustedcomputinggroup.org/wp-content/uploads/TCGVRT0007-Advisory-FINAL.pdf

CVE ID:	CVE-2023-1017
Description:	An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2023-1017 CERT/CC Advisory VU#782720 https://kb.cert.org/vuls/id/782720 TCG Security Advisories https://trustedcomputinggroup.org/about/security/ TCG TPM2.0 Errata Version 1.4 https://trustedcomputinggroup.org/wp-content/uploads/TCGVRT0007-Advisory-FINAL.pdf