Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2024/05/14 12:0 a.m.30 views

Rocky Linux 9 : keylime (RLSA-2024:1139)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:1139 advisory. - A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate...

2.8CVSS4.8AI score0.00203EPSS
Exploits0References3
OSV
OSV
added 2024/05/10 2:32 p.m.20 views

RLSA-2024:1139 Low: keylime security update

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Attestation failure when the quote's signature does not validate CVE-2023-3674 For more details about the security issues, including the impact, a CVSS score,...

2.8CVSS3.8AI score0.00203EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2024/05/10 2:32 p.m.27 views

keylime security update

An update is available for keylime. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Keylime is a TPM based highly scalable remote boot attestation and runtime...

2.8CVSS7.3AI score0.00203EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/03/07 12:0 a.m.31 views

AlmaLinux 9 : keylime (ALSA-2024:1139)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1139 advisory. - A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate f...

2.8CVSS4.8AI score0.00203EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2024/03/06 12:0 a.m.34 views

keylime security update

7.3.0-13 - Backport fix for CVE-2023-3674 Resolves: RHEL-21013...

2.8CVSS7.4AI score0.00203EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/03/06 12:0 a.m.32 views

Oracle Linux 9 : keylime (ELSA-2024-1139)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1139 advisory. 7.3.0-13 - Backport fix for CVE-2023-3674 Resolves: RHEL-21013 Tenable has extracted the preceding description block directly from the Oracle Linux security...

2.8CVSS4.8AI score0.00203EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/03/05 6:15 p.m.27 views

Low: Red Hat Security Advisory: keylime security update

An update for keylime is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

2.8CVSS5.9AI score0.00203EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/03/05 12:0 a.m.23 views

RHEL 9 : keylime (RHSA-2024:1139)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:1139 advisory. Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Attestation failu...

2.8CVSS5AI score0.00203EPSS
Exploits0References5
AlmaLinux
AlmaLinux
added 2024/03/05 12:0 a.m.68 views

Low: keylime security update

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Security Fixes: keylime: Attestation failure when the quote's signature does not validate CVE-2023-3674 For more details about the security issues, including the impact, a CVSS score,...

2.8CVSS7.4AI score0.00203EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/07/19 6:25 p.m.28 views

CVE-2023-3674 Keylime: attestation failure when the quote's signature does not validate

A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted...

2.3CVSS3.8AI score0.00203EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/07/19 6:25 p.m.13 views

CVE-2023-3674 Keylime: attestation failure when the quote's signature does not validate

A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted...

2.3CVSS6.5AI score0.00203EPSS
Exploits0References4
CVE
CVE
added 2023/07/19 6:25 p.m.126 views

CVE-2023-3674

Keylime CVE-2023-3674 affects the attestation verifier, where a TPM quote with an invalid signature is not flagged as faulty by the verifier (logged as an error instead of marking the device untrusted). Connected advisories confirm a fix was backported in various OS releases (e.g., RHEL/OpenELinu...

2.8CVSS3.2AI score0.00203EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder