Red Hat Security Advisory 2014-1507-02 - TrouSerS is an implementation of the Trusted Computing Group's Software Stack specification. You can use TrouSerS to write applications that make use of your TPM hardware. TPM hardware can create, store and use RSA keys securely, verify a platform's software state using cryptographic hashes and more. A flaw was found in the way tcsd, the daemon that manages Trusted Computing resources, processed incoming TCP packets. A remote attacker could send a specially crafted TCP packet that, when processed by tcsd, could cause the daemon to crash. Note that by default tcsd accepts requests on localhost only.
e765dcadf5a2276e24da15a59513a3a71ec160296892652f3e7c465c088ed136
Debian Linux Security Advisory 2576-1 - Andy Lutomirski discovered that tcsd (the TPM userspace daemon) was missing a of input validation. Using carefully crafted input, it can lead to a denial of service by making the daemon crash with a segmentation fault.
800af7d0630c558f72202a51ab53232166e3ed09332a713e3e5689149fd3c4f5
TrouSerS denial of service proof of concept exploit.
e1cf51f8e3c0f3a2a12e173d4fc14069721e2a542f1a4f8e7716091868d553af