Oracle Linux 8 : osbuild-composer (ELSA-2026-2124)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-2124 advisory. 101.4-3.0.1 - Support using repository definitions with OCI variables JIRA: OLDIS-38657 - Update repositories to contain OCI variables - Remove image types...
GO-2026-4432 EVE Doesn't Protect Config Partition with Measured Boot in github.com/lf-edge/eve
EVE Doesn't Protect Config Partition with Measured Boot in github.com/lf-edge/eve...
GO-2026-4428 EVE's Debug Functions Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve
EVE's Debug Functions Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve...
GO-2026-4418 EVE: SSH as Root Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve
EVE: SSH as Root Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve...
PT-2026-6530
EVE's Debug Functions Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve...
PT-2026-6523
EVE: SSH as Root Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve...
PT-2026-6532
EVE Doesn't Protect Config Partition with Measured Boot in github.com/lf-edge/eve...
EVE Doesn't Protect Rootfs
Impact: Measured boot validates BIOS, grub, kernel cmdline, and initrd but not the entire rootfs. Thus, an attacker can create an EVE-OS rootfs squashfs image with some files modified and take out the disk and replace the existing rootfs image without that being detected by measured boot and remote...
Insufficient Verification of Data Authenticity
Overview: Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity due to the measured boot not validating the integrity of the entire root filesystem. An attacker can gain unauthorized access to sensitive data or modify system files by physically replacin...
GHSA-5H7V-G49C-H887 EVE Doesn't Protect Rootfs
Impact: Measured boot validates BIOS, grub, kernel cmdline, and initrd but not the entire rootfs. Thus, an attacker can create an EVE-OS rootfs squashfs image with some files modified and take out the disk and replace the existing rootfs image without that being detected by measured boot and remote...
EVE Doesn't Protect Config Partition with Measured Boot
Impact: Config partition measurement was moved from PCR 13 to PCR 14 in a commit, but PCR 14 was not added to the list of PCRs that seal/unseal the vault key. As a result, an attacker can remove the disk, use another server to modify the files in the config partition, and then re-insert the disk...
EUVD-2023-48034
EVE Doesn't Protect Config Partition with Measured Boot...
EUVD-2023-48033
EVE's Debug Functions Unlockable Without Triggering Measured Boot...
EVE's Debug Functions Unlockable Without Triggering Measured Boot
Impact: On boot, Pillar checks for /config/GlobalConfig/global.json and overrides system configuration if present. This allows enabling debug functions like SSH (debug.enable.ssh), USB keyboard (debug.enable.usb), and VNC access (app.allow.vnc) without triggering the measured boot. Thus, a user with...
GHSA-4C4V-42HC-72P6 EVE's Debug Functions Unlockable Without Triggering Measured Boot
Impact: On boot, Pillar checks for /config/GlobalConfig/global.json and overrides system configuration if present. This allows enabling debug functions like SSH (debug.enable.ssh), USB keyboard (debug.enable.usb), and VNC access (app.allow.vnc) without triggering the measured boot. Thus, a user with...
EVE: SSH as Root Unlockable Without Triggering Measured Boot
Impact: On boot, the Pillar container checks for /config/authorizedkeys. If present with a valid public key, it enables SSH on port 22 with root login. The /config partition is not protected by measured boot and is mutable and unencrypted. This enables an attacker with physical access to the device t...
Insecure Storage of Sensitive Information
Overview: Affected versions of this package are vulnerable to Insecure Storage of Sensitive Information because the /config partition is mutable, unencrypted, and not protected by measured boot. An attacker can gain unauthorized root access by physically removing the disk, modifying the /config...
GHSA-3MQ9-XHGQ-R7GJ EVE: SSH as Root Unlockable Without Triggering Measured Boot
Impact: On boot, the Pillar container checks for /config/authorizedkeys. If present with a valid public key, it enables SSH on port 22 with root login. The /config partition is not protected by measured boot and is mutable and unencrypted. This enables an attacker with physical access to the device t...
EUVD-2023-48031
EVE: SSH as Root Unlockable Without Triggering Measured Boot...
EUVD-2023-48030
EVE Doesn't Measure Config Partition From 2 Fronts...