CVE-2024-29038 Information

Description

tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by tpm2 checkquote. This issue was patched in version 5.7.

Reference

https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-5495-c38w-gr6f https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7