12 matches found
Rocky Linux 9 : keylime (RLSA-2024:1139)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:1139 advisory. - A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate...
RLSA-2024:1139 Low: keylime security update
Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Attestation failure when the quote's signature does not validate CVE-2023-3674 For more details about the security issues, including the impact, a CVSS score,...
keylime security update
An update is available for keylime. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Keylime is a TPM based highly scalable remote boot attestation and runtime...
AlmaLinux 9 : keylime (ALSA-2024:1139)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1139 advisory. - A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate f...
keylime security update
7.3.0-13 - Backport fix for CVE-2023-3674 Resolves: RHEL-21013...
Oracle Linux 9 : keylime (ELSA-2024-1139)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1139 advisory. 7.3.0-13 - Backport fix for CVE-2023-3674 Resolves: RHEL-21013 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Low: Red Hat Security Advisory: keylime security update
An update for keylime is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
RHEL 9 : keylime (RHSA-2024:1139)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1139 advisory. Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Attestation failu...
Low: keylime security update
Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Attestation failure when the quote's signature does not validate CVE-2023-3674 For more details about the security issues, including the impact, a CVSS score,...
CVE-2023-3674 Keylime: attestation failure when the quote's signature does not validate
A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted...
CVE-2023-3674 Keylime: attestation failure when the quote's signature does not validate
A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted...
CVE-2023-3674
Keylime CVE-2023-3674 affects the attestation verifier, where a TPM quote with an invalid signature is not flagged as faulty by the verifier (logged as an error instead of marking the device untrusted). Connected advisories confirm a fix was backported in various OS releases (e.g., RHEL/OpenELinu...