Main Vulnerability Database Vulnerabilities #VU80468

Security features bypass in keylime - CVE-2023-3674

Published: September 5, 2023

Vulnerability identifier: #VU80468

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-3674

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
keylime

Software vendor:
Keylime

Description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to an error in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted.

Remediation

Install updates from vendor's website.

External links

https://access.redhat.com/security/cve/CVE-2023-3674
https://bugzilla.redhat.com/show_bug.cgi?id=2222903
https://github.com/keylime/keylime/commit/95ce3d86bd2c53009108ffda2dcf553312d733db

Security features bypass in keylime - CVE-2023-3674

Description

Remediation

External links

Please verify you're human