flatcar / Flatcar

Flatcar project repository for issue tracking, project documentation, etc.

Home Page: https://www.flatcar.org/


update: tpm2-{tools,tss}

dongsupark opened this issue · comments

Name: tpm2-{tools,tss}
CVEs: CVE-2024-29038, CVE-2024-29039, CVE-2024-29040
CVSSs: 4.3, 9.0, 4.3
Action Needed: update tpm2-tools to >= 5.6.1, tpm2-tss to >= 4.0.2

Summary:

  • CVE-2024-29038: tpm2_checkquote: Fix check of magic number. It was not checked whether the magic number in the attest is equal to TPM2_GENERATED_VALUE. So a malicious attacker could generate arbitrary quote data which was not detected by tpm2 checkquote.
  • CVE-2024-29039: tpm2_checkquote: Add comparison of pcr selection. The pcr selection which is passed with the --pcr parameter is not compared with the attest. So it's possible to fake a valid attestation.
  • CVE-2024-29040: FAPI: Fix check of magic number in verify quote. After deserializing the quote info it was not checked whether the magic number in the attest is equal to TPM2_GENERATED_VALUE. So a malicious attacker could generate arbitrary quote data which was not detected by Fapi_VerifyQuote. Now the magic number is checked in verify quote and also in the deserialization of TPM2_GENERATED. The check is also added to the Unmarshal function for TPMS_ATTEST.

refmap.gentoo: CVE-2024-2903[89]: https://bugs.gentoo.org/931056, CVE-2024-29040: https://bugs.gentoo.org/931055

CVE-2024-29039 has a critical severity, CVSS 9.0.
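
The two checks named in the summary, shown as an added Python example (not code from tpm2-tools, tpm2-tss or this issue): it parses a marshalled TPMS_ATTEST, rejects it unless the magic equals TPM2_GENERATED_VALUE, and compares the quoted PCR selection with the one the verifier expects. The function names and the `build_sample` input are constructed for illustration; signature, nonce and PCR digest verification are assumed to happen elsewhere.

```python
import struct

TPM2_GENERATED_VALUE = 0xFF544347  # "\xffTCG", fixed by the TPM 2.0 specification
TPM2_ST_ATTEST_QUOTE = 0x8018      # attestation type tag for a quote

def _tpm2b(buf, off):
    """Read a 16-bit size-prefixed TPM2B field; return (payload, next offset)."""
    (size,) = struct.unpack_from(">H", buf, off)
    end = off + 2 + size
    if end > len(buf):
        raise ValueError("TPM2B field runs past end of buffer")
    return buf[off + 2:end], end

def parse_quote_selection(attest):
    """Return the PCR selection of a marshalled TPMS_ATTEST, rejecting non-TPM data."""
    magic, tag = struct.unpack_from(">IH", attest, 0)
    if magic != TPM2_GENERATED_VALUE:          # check missing in CVE-2024-29038/29040
        raise ValueError("magic is not TPM2_GENERATED_VALUE")
    if tag != TPM2_ST_ATTEST_QUOTE:
        raise ValueError("attestation is not a quote")
    _, off = _tpm2b(attest, 6)                 # qualifiedSigner
    _, off = _tpm2b(attest, off)               # extraData (nonce)
    off += 17 + 8                              # TPMS_CLOCK_INFO + firmwareVersion
    (count,) = struct.unpack_from(">I", attest, off)
    off += 4
    selection = []
    for _ in range(count):                     # TPMS_PCR_SELECTION entries
        alg, size = struct.unpack_from(">HB", attest, off)
        bitmap = attest[off + 3:off + 3 + size]
        if len(bitmap) != size:
            raise ValueError("PCR bitmap runs past end of buffer")
        selection.append((alg, bitmap))
        off += 3 + size
    return selection

def quote_matches(attest, expected_selection):
    """True only for a TPM-generated quote over exactly the expected PCR selection."""
    try:
        return parse_quote_selection(attest) == expected_selection  # CVE-2024-29039
    except (ValueError, struct.error):
        return False

def build_sample(magic, selection):
    """Constructed input for the demo: a marshalled quote with dummy field values."""
    out = struct.pack(">IH", magic, TPM2_ST_ATTEST_QUOTE)
    out += struct.pack(">H", 2) + b"\x00\x0b" + struct.pack(">H", 4) + b"nonc"
    out += bytes(17 + 8) + struct.pack(">I", len(selection))
    for alg, bitmap in selection:
        out += struct.pack(">HB", alg, len(bitmap)) + bitmap
    return out + struct.pack(">H", 32) + bytes(32)  # pcrDigest
```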