Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2021:4413 - Security Advisory
Issued:
2021-11-09
Updated:
2021-11-09

RHSA-2021:4413 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: tpm2-tools security and enhancement update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for tpm2-tools is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The tpm2-tools packages add a set of utilities for management and utilization of Trusted Platform Module (TPM) 2.0 devices from user space.

Security Fix(es):

  • tpm2-tools: fixed AES wrapping key in tpm2_import (CVE-2021-3565)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.5 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 1964427 - CVE-2021-3565 tpm2-tools: fixed AES wrapping key in tpm2_import

CVEs

  • CVE-2021-3565

References

  • https://access.redhat.com/security/updates/classification/#moderate
  • https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
tpm2-tools-4.1.1-5.el8.src.rpm SHA-256: a77241cf9aca228f7fcc16e141184c4e0c194ec80164358327fd40b83d495077
x86_64
tpm2-tools-4.1.1-5.el8.x86_64.rpm SHA-256: f8ff5760aa602705c5c8ceaff5bdb1bf50ab1fc9158b3af2cd5a511cbdda3cbf
tpm2-tools-debuginfo-4.1.1-5.el8.x86_64.rpm SHA-256: 344a5f63dc8ce66952af6db9efa5baa548bb068adf0f485f1958b996d1a16d17
tpm2-tools-debugsource-4.1.1-5.el8.x86_64.rpm SHA-256: dc938857dbe9b04825f8174e61406c29c588fc5a103dce5be4cd7ae8f0951409

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6

SRPM
tpm2-tools-4.1.1-5.el8.src.rpm SHA-256: a77241cf9aca228f7fcc16e141184c4e0c194ec80164358327fd40b83d495077
x86_64
tpm2-tools-4.1.1-5.el8.x86_64.rpm SHA-256: f8ff5760aa602705c5c8ceaff5bdb1bf50ab1fc9158b3af2cd5a511cbdda3cbf
tpm2-tools-debuginfo-4.1.1-5.el8.x86_64.rpm SHA-256: 344a5f63dc8ce66952af6db9efa5baa548bb068adf0f485f1958b996d1a16d17
tpm2-tools-debugsource-4.1.1-5.el8.x86_64.rpm SHA-256: dc938857dbe9b04825f8174e61406c29c588fc5a103dce5be4cd7ae8f0951409

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
tpm2-tools-4.1.1-5.el8.src.rpm SHA-256: a77241cf9aca228f7fcc16e141184c4e0c194ec80164358327fd40b83d495077
x86_64
tpm2-tools-4.1.1-5.el8.x86_64.rpm SHA-256: f8ff5760aa602705c5c8ceaff5bdb1bf50ab1fc9158b3af2cd5a511cbdda3cbf
tpm2-tools-debuginfo-4.1.1-5.el8.x86_64.rpm SHA-256: 344a5f63dc8ce66952af6db9efa5baa548bb068adf0f485f1958b996d1a16d17
tpm2-tools-debugsource-4.1.1-5.el8.x86_64.rpm SHA-256: dc938857dbe9b04825f8174e61406c29c588fc5a103dce5be4cd7ae8f0951409

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
tpm2-tools-4.1.1-5.el8.src.rpm SHA-256: a77241cf9aca228f7fcc16e141184c4e0c194ec80164358327fd40b83d495077
s390x
tpm2-tools-4.1.1-5.el8.s390x.rpm SHA-256: f74941d973b6638cfed6b3e19e5d97739f27b192f3155704daaec7d0019bb627
tpm2-tools-debuginfo-4.1.1-5.el8.s390x.rpm SHA-256: 2a3a9b785458990a9380468793b397387fad1e660a7523360f02fd06eeb7f3e0
tpm2-tools-debugsource-4.1.1-5.el8.s390x.rpm SHA-256: e112f09d298a070a2a2c432b049b065eff8afeb2873e3f1fdabd3724e96ab46e

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.6

SRPM
tpm2-tools-4.1.1-5.el8.src.rpm SHA-256: a77241cf9aca228f7fcc16e141184c4e0c194ec80164358327fd40b83d495077
s390x
tpm2-tools-4.1.1-5.el8.s390x.rpm SHA-256: f74941d973b6638cfed6b3e19e5d97739f27b192f3155704daaec7d0019bb627
tpm2-tools-debuginfo-4.1.1-5.el8.s390x.rpm SHA-256: 2a3a9b785458990a9380468793b397387fad1e660a7523360f02fd06eeb7f3e0
tpm2-tools-debugsource-4.1.1-5.el8.s390x.rpm SHA-256: e112f09d298a070a2a2c432b049b065eff8afeb2873e3f1fdabd3724e96ab46e

Red Hat Enterprise Linux for Power, little endian 8

SRPM
tpm2-tools-4.1.1-5.el8.src.rpm SHA-256: a77241cf9aca228f7fcc16e141184c4e0c194ec80164358327fd40b83d495077
ppc64le
tpm2-tools-4.1.1-5.el8.ppc64le.rpm SHA-256: 7ac0b4dadb9fa19e3194fe0b6283fc8a1106038c7896b9fe09e15d5da71670a1
tpm2-tools-debuginfo-4.1.1-5.el8.ppc64le.rpm SHA-256: b07346dc299521130a7e3cb5f5a4e8b76f31beda3aed6c771a123d3299c389c8
tpm2-tools-debugsource-4.1.1-5.el8.ppc64le.rpm SHA-256: 363887abe309e71d55147ed5877411072dc6c32c8d8a3b44594b99f9e0dde7df

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6

SRPM
tpm2-tools-4.1.1-5.el8.src.rpm SHA-256: a77241cf9aca228f7fcc16e141184c4e0c194ec80164358327fd40b83d495077
ppc64le
tpm2-tools-4.1.1-5.el8.ppc64le.rpm SHA-256: 7ac0b4dadb9fa19e3194fe0b6283fc8a1106038c7896b9fe09e15d5da71670a1
tpm2-tools-debuginfo-4.1.1-5.el8.ppc64le.rpm SHA-256: b07346dc299521130a7e3cb5f5a4e8b76f31beda3aed6c771a123d3299c389c8
tpm2-tools-debugsource-4.1.1-5.el8.ppc64le.rpm SHA-256: 363887abe309e71d55147ed5877411072dc6c32c8d8a3b44594b99f9e0dde7df

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
tpm2-tools-4.1.1-5.el8.src.rpm SHA-256: a77241cf9aca228f7fcc16e141184c4e0c194ec80164358327fd40b83d495077
x86_64
tpm2-tools-4.1.1-5.el8.x86_64.rpm SHA-256: f8ff5760aa602705c5c8ceaff5bdb1bf50ab1fc9158b3af2cd5a511cbdda3cbf
tpm2-tools-debuginfo-4.1.1-5.el8.x86_64.rpm SHA-256: 344a5f63dc8ce66952af6db9efa5baa548bb068adf0f485f1958b996d1a16d17
tpm2-tools-debugsource-4.1.1-5.el8.x86_64.rpm SHA-256: dc938857dbe9b04825f8174e61406c29c588fc5a103dce5be4cd7ae8f0951409

Red Hat Enterprise Linux for ARM 64 8

SRPM
tpm2-tools-4.1.1-5.el8.src.rpm SHA-256: a77241cf9aca228f7fcc16e141184c4e0c194ec80164358327fd40b83d495077
aarch64
tpm2-tools-4.1.1-5.el8.aarch64.rpm SHA-256: d29b9e2104f438b0a812423ad48d66b56f08585fa568c5f2aeddbd77b94fecb6
tpm2-tools-debuginfo-4.1.1-5.el8.aarch64.rpm SHA-256: c6f3267f03fcc62077eeddda53946e2f184b6cc4a62c2087cc56fefcd5dc3e0b
tpm2-tools-debugsource-4.1.1-5.el8.aarch64.rpm SHA-256: 32fe8ce89a61edc751fad5dcca965d8ce8123aa986c545dd57297d9a3d79e830

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.6

SRPM
tpm2-tools-4.1.1-5.el8.src.rpm SHA-256: a77241cf9aca228f7fcc16e141184c4e0c194ec80164358327fd40b83d495077
aarch64
tpm2-tools-4.1.1-5.el8.aarch64.rpm SHA-256: d29b9e2104f438b0a812423ad48d66b56f08585fa568c5f2aeddbd77b94fecb6
tpm2-tools-debuginfo-4.1.1-5.el8.aarch64.rpm SHA-256: c6f3267f03fcc62077eeddda53946e2f184b6cc4a62c2087cc56fefcd5dc3e0b
tpm2-tools-debugsource-4.1.1-5.el8.aarch64.rpm SHA-256: 32fe8ce89a61edc751fad5dcca965d8ce8123aa986c545dd57297d9a3d79e830

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
tpm2-tools-4.1.1-5.el8.src.rpm SHA-256: a77241cf9aca228f7fcc16e141184c4e0c194ec80164358327fd40b83d495077
ppc64le
tpm2-tools-4.1.1-5.el8.ppc64le.rpm SHA-256: 7ac0b4dadb9fa19e3194fe0b6283fc8a1106038c7896b9fe09e15d5da71670a1
tpm2-tools-debuginfo-4.1.1-5.el8.ppc64le.rpm SHA-256: b07346dc299521130a7e3cb5f5a4e8b76f31beda3aed6c771a123d3299c389c8
tpm2-tools-debugsource-4.1.1-5.el8.ppc64le.rpm SHA-256: 363887abe309e71d55147ed5877411072dc6c32c8d8a3b44594b99f9e0dde7df

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
tpm2-tools-4.1.1-5.el8.src.rpm SHA-256: a77241cf9aca228f7fcc16e141184c4e0c194ec80164358327fd40b83d495077
x86_64
tpm2-tools-4.1.1-5.el8.x86_64.rpm SHA-256: f8ff5760aa602705c5c8ceaff5bdb1bf50ab1fc9158b3af2cd5a511cbdda3cbf
tpm2-tools-debuginfo-4.1.1-5.el8.x86_64.rpm SHA-256: 344a5f63dc8ce66952af6db9efa5baa548bb068adf0f485f1958b996d1a16d17
tpm2-tools-debugsource-4.1.1-5.el8.x86_64.rpm SHA-256: dc938857dbe9b04825f8174e61406c29c588fc5a103dce5be4cd7ae8f0951409

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter