19 matches found
RLSA-2026:28582 Moderate: keylime security update
Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Keylime: Security bypass due to hardcoded TPM quote nonce CVE-2026-6420 For more details about the security issues, including the impact, a CVSS score,...
keylime: Keylime: Security bypass due to hardcoded TPM quote nonce
A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...
Moderate: Red Hat Security Advisory: keylime security update
An update for keylime is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
GHSA-Q8W6-W55C-CCV5 Keylime has a hardcoded attestation challenge nonce that allows replay attacks
CVE-2026-6420: Hardcoded attestation challenge nonce allows replay attacks Impact The CertificationParameters.generatechallenge method in the push attestation protocol uses a hardcoded challenge nonce instead of generating a cryptographically random value. This removes the nonce-based replay...
EUVD-2026-27657
Keylime has a hardcoded attestation challenge nonce that allows replay attacks...
Keylime has a hardcoded attestation challenge nonce that allows replay attacks
CVE-2026-6420: Hardcoded attestation challenge nonce allows replay attacks Impact The CertificationParameters.generatechallenge method in the push attestation protocol uses a hardcoded challenge nonce instead of generating a cryptographically random value. This removes the nonce-based replay...
SUSE CVE-2026-6420
A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...
GHSA-WC6P-4GWJ-JCR8 Duplicate Advisory: Keylime has a hardcoded attestation challenge nonce that allows replay attacks
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-q8w6-w55c-ccv5. This link is maintained to preserve external references. Original Description A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent...
Duplicate Advisory: Keylime has a hardcoded attestation challenge nonce that allows replay attacks
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-q8w6-w55c-ccv5. This link is maintained to preserve external references. Original Description A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent...
CVE-2026-6420
A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...
CVE-2026-6420
A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...
CVE-2026-6420
CVE-2026-6420 affects Keylime: a flaw in the verifier uses a hardcoded TPM quote nonce instead of a cryptographically random value. An attacker with root on an enrolled monitored machine where the Keylime agent runs can stockpile valid TPM quotes and replay them to evade detection after compromis...
CVE-2026-6420 Keylime: keylime: security bypass due to hardcoded tpm quote nonce
A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...
CVE-2026-6420 Keylime: keylime: security bypass due to hardcoded tpm quote nonce
A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...
PT-2026-37443
Name of the Vulnerable Software and Affected Versions Keylime affected versions not specified Description A flaw in the Keylime verifier allows an attacker with root access on an enrolled monitored machine to bypass security. The verifier uses a hardcoded challenge nonce for Trusted Platform Modu...
Linux Distros Unpatched Vulnerability : CVE-2026-6420
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the...
CVE-2026-4666
The wpForo Forum plugin for WordPress is vulnerable to unauthorized modification of data due to the use of extract$args, EXTROVERWRITE on user-controlled input in the edit method of classes/Posts.php in all versions up to, and including, 2.4.16. The postedit action handler in Actions.php passes...
CVE-2021-41615
websda.c in GoAhead WebServer 2.1.8 has insufficient nonce entropy because the nonce calculation relies on the hardcoded onceuponatimeinparadise value, which does not follow the secret-data guideline for HTTP Digest Access Authentication in RFC 7616 section 3.3 or RFC 2617 section 3.2.1. NOTE:...
PT-2022-11443 · Goahead · Goahead Web Server
Name of the Vulnerable Software and Affected Versions: GoAhead WebServer version 2.1.8 Description: The issue arises from insufficient nonce entropy in the websda.c file of GoAhead WebServer. This is due to the nonce calculation relying on a hardcoded value, onceuponatimeinparadise, which does no...