M'chikalatacho ndi kukhazikitsidwa kwa TPM 2.0 (Trusted Platform Module) zomwe zidadziwika (CVE-2023-1017, CVE-2023-1018) zomwe zimatsogolera kulemba kapena kuwerenga zambiri kupyola malire a buffer yomwe yaperekedwa. Kuwukira kukhazikitsidwa kwa ma processor a crypto pogwiritsa ntchito nambala yomwe ili pachiwopsezo kungayambitse kuchotsedwa kapena kulembedwanso kwa zidziwitso zosungidwa pa-chip monga makiyi a cryptographic. Kutha kulemba zambiri mu firmware ya TPM kungagwiritsidwe ntchito ndi wowukira kuti akonzekere kukwaniritsidwa kwa code yawo malinga ndi TPM, yomwe, mwachitsanzo, ingagwiritsidwe ntchito kukhazikitsa zitseko zakumbuyo zomwe zimagwira ntchito kumbali ya TPM ndipo sizipezeka. ndi makina ogwiritsira ntchito.
Zowonongeka zimayambitsidwa ndi kutsimikizira kolakwika kwa kukula kwa magawo a CryptParameterDecryption() ntchito, yomwe imalola ma byte awiri kuti alembedwe kapena kuwerengedwa kupyola malire a buffer yomwe yadutsa ku ExecuteCommand() ntchito ndipo ili ndi lamulo la TPM2.0. Kutengera kukhazikitsidwa kwa firmware, ma byte awiri omwe alembedwa mopitilira akhoza kuwononga kukumbukira kosagwiritsidwa ntchito ndi data kapena zolozera pa stack.
Chiwopsezochi chimagwiritsidwa ntchito potumiza malamulo opangidwa mwapadera ku gawo la TPM (wowukirayo ayenera kukhala ndi mawonekedwe a TPM). Nkhanizi zidathetsedwa mukusintha kwatsatanetsatane kwa TPM 2.0 komwe kudatulutsidwa mu Januware (1.59 Errata 1.4, 1.38 Errata 1.13, 1.16 Errata 1.6).
Laibulale yotsegula ya libtpms, yomwe imagwiritsidwa ntchito kutsanzira ma module a TPM ndikuphatikiza chithandizo cha TPM mu hypervisors, ilinso pachiwopsezo. Chiwopsezocho chinakhazikitsidwa mu libtpms 0.9.6 kumasulidwa.
Source: opennet.ru