Main Vulnerability Database Vulnerabilities #VU45878

Improper Initialization in go-tpm - CVE-2020-8918

Published: August 11, 2020 / Updated: August 21, 2020

Vulnerability identifier: #VU45878

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-8918

CWE-ID: CWE-665

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
go-tpm

Software vendor:
Google

Description

The vulnerability allows a local authenticated user to read and manipulate data.

An improperly initialized 'migrationAuth' value in Google's go-tpm TPM1.2 library versions prior to 0.3.0 can lead an eavesdropping attacker to discover the auth value for a key created with CreateWrapKey. An attacker listening in on the channel can collect both 'encUsageAuth' and 'encMigrationAuth', and then can calculate 'usageAuth ^ encMigrationAuth' as the 'migrationAuth' can be guessed for all keys created with CreateWrapKey. TPM2.0 is not impacted by this. We recommend updating your library to 0.3.0 or later, or, if you cannot update, to call CreateWrapKey with a random 20-byte value for 'migrationAuth'.

Remediation

Install update from vendor's website.

External links

https://github.com/google/go-tpm/security/advisories/GHSA-5x29-3hr9-6wpw

Improper Initialization in go-tpm - CVE-2020-8918

Description

Remediation

External links

Please verify you're human