CVE-2017-16837

Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module (TPM) by hooking these function pointers.
Configurations

Configuration 1 (hide)

cpe:2.3:a:trusted_boot_project:trusted_boot:1.9.6:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-11-16 02:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-16837

Mitre link : CVE-2017-16837

CVE.ORG link : CVE-2017-16837


JSON object : View

Products Affected

trusted_boot_project

  • trusted_boot
CWE
CWE-20

Improper Input Validation