7 matches found
PT-2026-36329
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the crypto CCP component when retrieving the PEK CSR. If a firmware command fails, specifically due to an invalid length where the userspace buffer is too small, the...
SUSE CVE-2022-1053
Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows an attacker to use one AK, EK pair from a real TPM to pass EK validation and give the verifier an...
PYSEC-2022-184
Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows an attacker to use one AK, EK pair from a real TPM to pass EK validation and give the verifier an...
CVE-2021-3406
A flaw was found in keylime 5.8.1 and older. The issue in the Keylime agent and registrar code invalidates the cryptographic chain of trust from the Endorsement Key certificate to agent attestations...
Fedora 32 : keylime (2021-11e4ae96a7)
The remote Fedora 32 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-11e4ae96a7 advisory. - A flaw was found in keylime 5.8.1 and older. The issue in the Keylime agent and registrar code invalidates the cryptographic chain of trust from the...
Fedora 33 : keylime (2021-5c01339c12)
The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-5c01339c12 advisory. - A flaw was found in keylime 5.8.1 and older. The issue in the Keylime agent and registrar code invalidates the cryptographic chain of trust from the...
August 16, 2017—KB4034661 (OS Build 14393.1613)
None None...