CVE-2024-29038

tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7.

CVSS v3 4.3 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.5 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7	Release Notes
https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-5495-c38w-gr6f	Exploit Vendor Advisory
https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7	Release Notes
https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-5495-c38w-gr6f	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:tpm2-tools_project:tpm2-tools::::::::
	cpe:2.3:a:tpm2-tools_project:tpm2-tools::::::::

History

22 Oct 2025, 20:39

Type	Values Removed	Values Added
First Time		Tpm2-tools Project tpm2-tools Tpm2-tools Project
References	~~() https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7 -~~	() https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7 - Release Notes
References	~~() https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-5495-c38w-gr6f -~~	() https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-5495-c38w-gr6f - Exploit, Vendor Advisory
CPE		cpe:2.3:a:tpm2-tools_project:tpm2-tools::::::::

Information

Published : 2024-06-28 14:15

Updated : 2025-10-22 20:39

NVD link : CVE-2024-29038

Mitre link : CVE-2024-29038

CVE.ORG link : CVE-2024-29038

JSON object : View

Products Affected

tpm2-tools_project

tpm2-tools

CWE

CWE-1283

Mutable Attestation or Measurement Reporting Data

CWE-1390

Weak Authentication

{"id": "CVE-2024-29038", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2024-06-28T14:15:03.033", "references": [{"url": "https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-5495-c38w-gr6f", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7", "tags": ["Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-5495-c38w-gr6f", "tags": ["Exploit", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-1283"}, {"lang": "en", "value": "CWE-1390"}]}], "descriptions": [{"lang": "en", "value": "tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7."}, {"lang": "es", "value": "tpm2-tools es el repositorio de origen de las herramientas del M\u00f3dulo de plataforma segura (TPM2.0). Un atacante malintencionado puede generar datos de cotizaciones arbitrarios que no son detectados por \"tpm2 checkquote\". Este problema se solucion\u00f3 en la versi\u00f3n 5.7."}], "lastModified": "2025-10-22T20:39:37.057", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tpm2-tools_project:tpm2-tools:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0071BA44-2C6B-4556-8C61-C890D3298FEF", "versionEndExcluding": "5.5.1", "versionStartIncluding": "4.1"}, {"criteria": "cpe:2.3:a:tpm2-tools_project:tpm2-tools:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C859A9A-D6EF-4BA1-B42E-8A2E2EB98181", "versionEndExcluding": "5.7", "versionStartExcluding": "5.6.1"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}