CVE-2025-1057

CVE-2025-1057 affects Keylime (registrar) where a change in database type handling introduced in version 7.12.0 prevents reading prior-version entries (e.g., 7.11.0) because older data is stored as bytes while the registrar now expects strings. This mismatch can trigger an error/exceptions during...

MGASA-2024-0170 Updated tpm2-tools packages fixes security vulnerabilities

A flaw was found in the tpm2-tools package. This issue occurs due to a missing check whether the magic number in attest is equal to TPM2GENERATEDVALUE, which can allow an attacker to generate arbitrary quote data that may not be detected by tpm2checkquote CVE-2024-29038. The pcr selection which i...

PT-2022-5285 · Keylime +4 · Keylime +4

Name of the Vulnerable Software and Affected Versions: keylime versions prior to 6.5.1 Description: The issue is related to improperly handled exceptions in keylime, which can be exploited to create errors on the verifier, stopping attestation attempts and leaving a host in an attested state...