CVE Vulnerabilities

CVE-2024-29038

Mutable Attestation or Measurement Reporting Data

Published: Jun 28, 2024 | Modified: Jul 01, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
4.4 LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Ubuntu
MEDIUM

tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by tpm2 checkquote. This issue was patched in version 5.7.

Weakness

The register contents used for attestation or measurement reporting data to verify boot flow are modifiable by an adversary.

Affected Software

Name Vendor Start Version End Version
Red Hat Enterprise Linux 9 RedHat tpm2-tools-0:5.2-4.el9 *
Red Hat Enterprise Linux 9 RedHat tpm2-tools-0:5.2-4.el9 *
Tpm2-tools Ubuntu devel *
Tpm2-tools Ubuntu esm-apps/focal *
Tpm2-tools Ubuntu esm-apps/jammy *
Tpm2-tools Ubuntu esm-apps/noble *
Tpm2-tools Ubuntu focal *
Tpm2-tools Ubuntu jammy *
Tpm2-tools Ubuntu mantic *
Tpm2-tools Ubuntu noble *
Tpm2-tools Ubuntu oracular *

Extended Description

A System-on-Chip (SoC) implements secure boot or verified boot. During this boot flow, the SoC often measures the code that it authenticates. The measurement is usually done by calculating the one-way hash of the code binary and extending it to the previous hash. The hashing algorithm should be a Secure One-Way hash function. The final hash, i.e., the value obtained after the completion of the boot flow, serves as the measurement data used in reporting or in attestation. The calculated hash is often stored in registers that can later be read by the party of interest to determine tampering of the boot flow. A common weakness is that the contents in these registers are modifiable by an adversary, thus spoofing the measurement.

Potential Mitigations

  • Measurement data should be stored in registers that are read-only or otherwise have access controls that prevent modification by an untrusted agent.

References