Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
tpm2_checkquote: Fix check of magic number.
It was not checked whether the magic number in the attest is equal to TPM2_GENERATED_VALUE. So an malicious attacker could generate arbitrary quote data which was not detected by tpm2 checkquote. Fixes: CVE-2024-29038 Signed-off-by: Juergen Repp <[email protected]>
- Loading branch information