Vulnerability Description
Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module (TPM) by hooking these function pointers.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trusted Boot Project | Trusted Boot | 1.9.6 |
Related Weaknesses (CWE)
References
- https://sourceforge.net/p/tboot/code/ci/521c58e51eb5be105a29983742850e72c44ed80e (Issue Tracking, Patch, Third Party Advisory)
- https://www.usenix.org/conference/usenixsecurity18/presentation/han
FAQ
What is CVE-2017-16837?
CVE-2017-16837 is a vulnerability with a CVSS score of 7.8 (HIGH). Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module ...
How severe is CVE-2017-16837?
CVE-2017-16837 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2017-16837?
Check the references section above for vendor advisories and patch information. Affected products include: Trusted Boot Project Trusted Boot.