
313 matches found

SUSE CVE
added 2026/05/16 1:21 a.m., 10 views

SUSE CVE-2023-43636

In EVE OS, the “measured boot” mechanism prevents a compromised device from accessing the encrypted data located in the vault. As per the “measured boot” design, the PCR values calculated at different stages of the boot process will change if any of their respective parts are changed. This...

8.8 CVSS, 7.3 AI score, 0.00028 EPSS
Exploits: 0, References: 3
SUSE CVE
added 2026/05/14 3:9 a.m., 8 views

SUSE CVE-2023-43631

On boot, the Pillar eve container checks for the existence and content of “/config/authorizedkeys”. If the file is present, and contains a supported public key, the container will go on to open port 22 and enable sshd with the given keys as the authorized keys for root login. An attacker could...

8.8 CVSS, 7.3 AI score, 0.0003 EPSS
Exploits: 0, References: 3
GithubExploit
added 2026/03/10 1:1 p.m., 106 views

Exploit for Cross-Site Request Forgery (CSRF) in Ilevia Eve_X1_Server_Firmware

No d...

9.6 CVSS, 5.8 AI score, 0.00156 EPSS
Exploits: 4
Packet Storm News
added 2026/02/26 12:0 a.m., 0 views

Eve's Forgery Probability from Her False Acceptance Probability: Interactive Authentication, Holevo Information and the Min-Entropy

We obtain estimates for Eve's forgery probability, namely the probability that she is able to forge a message which Alice or Bob mistakenly accept over a noisy Quantum channel for generating a shared Quantum secret key. This probability is related to Eve's success probability obtained in a previo...

5.8 AI score
Exploits: 0
OSV
added 2026/02/17 6:9 p.m., 2 views

GO-2026-4436 EVE Has Partially Predetermined Vault Key in github.com/lf-edge/eve

EVE Has Partially Predetermined Vault Key in github.com/lf-edge/eve...

7.8 CVSS, 5.4 AI score, 0.00027 EPSS
Exploits: 0, References: 5
OSV
added 2026/02/17 6:9 p.m., 1 views

GO-2026-4434 EVE Seals Vault Key With SHA1 PCRs in github.com/lf-edge/eve

EVE Seals Vault Key With SHA1 PCRs in github.com/lf-edge/eve...

8.8 CVSS, 5.4 AI score, 0.00014 EPSS
Exploits: 0, References: 4
OSV
added 2026/02/05 3:20 a.m., 3 views

GO-2026-4432 EVE Doesn't Protect Config Partition with Measured Boot in github.com/lf-edge/eve

EVE Doesn't Protect Config Partition with Measured Boot in github.com/lf-edge/eve...

8.8 CVSS, 5.3 AI score, 0.0003 EPSS
Exploits: 0, References: 4
OSV
added 2026/02/05 3:20 a.m., 3 views

GO-2026-4422 EVE Freely Allocates Buffer on The Stack With Data From Socket in github.com/lf-edge/eve

EVE Freely Allocates Buffer on The Stack With Data From Socket in github.com/lf-edge/eve...

9.9 CVSS, 5.3 AI score, 0.00072 EPSS
Exploits: 0, References: 4
OSV
added 2026/02/05 3:20 a.m., 4 views

GO-2026-4428 EVE's Debug Functions Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve

EVE's Debug Functions Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve...

8.8 CVSS, 5.3 AI score, 0.00023 EPSS
Exploits: 0, References: 6
OSV
added 2026/02/05 3:20 a.m., 2 views

GO-2026-4418 EVE: SSH as Root Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve

EVE: SSH as Root Unlockable Without Triggering Measured Boot in github.com/lf-edge/eve...

8.8 CVSS, 5.3 AI score, 0.0003 EPSS
Exploits: 0, References: 6
Positive Technologies
added 2026/02/05 12:0 a.m., 1 views

PT-2026-6531

EVE Doesn't Measure Config Partition From 2 Fronts in github.com/lf-edge/eve...

8.8 CVSS, 5.4 AI score, 0.00011 EPSS
Exploits: 0, References: 7
Github Security Blog
added 2026/02/04 9:38 p.m., 3 views

EVE Doesn't Protect Config Partition with Measured Boot

Impact: Config partition measurement was moved from PCR 13 to PCR 14 in a commit, but PCR 14 was not added to the list of PCRs that seal/unseal the vault key. As a result, an attacker can remove the disk, use another server to modify the files in the config partition, and then re-insert the disk...

8.8 CVSS, 7.8 AI score, 0.0003 EPSS
Exploits: 0, References: 5, Affected Software: 1
OSV
added 2026/02/04 9:38 p.m., 1 views

GHSA-WC42-FCJP-V8VQ EVE Doesn't Protect Config Partition with Measured Boot

Impact: Config partition measurement was moved from PCR 13 to PCR 14 in a commit, but PCR 14 was not added to the list of PCRs that seal/unseal the vault key. As a result, an attacker can remove the disk, use another server to modify the files in the config partition, and then re-insert the disk...

5.9 CVSS, 5.4 AI score, 0.0003 EPSS
Exploits: 0, References: 5
Positive Technologies
added 2026/02/04 12:0 a.m., 2 views

PT-2026-6420

Impact: The deriveVaultKey function calls retrieveCloudKey which always returns "foobarfoobarfoobarfoobarfoobarfo". When merged with the randomly generated 32-byte key using mergeKeys 16 bytes from each, the last 16 bytes are always "arfoobarfoobarfo". This enables an attacker with physical access...

7.8 CVSS, 5.4 AI score, 0.00027 EPSS
Exploits: 0, References: 7
Positive Technologies
added 2026/02/04 12:0 a.m., 1 views

PT-2026-6461

Impact: PCR14 is not included in the list of PCRs that seal/unseal the vault key. Additionally, the vault key uses SHA1 PCRs instead of SHA256. Thus an attacker with physical access can take out the disk, use a different computer to modify the files in the /config partition, and re-insert the disk...

8.8 CVSS, 5.5 AI score, 0.00011 EPSS
Exploits: 0, References: 8
Positive Technologies
added 2026/02/04 12:0 a.m., 1 views

PT-2026-6495

Impact: Config partition measurement was moved from PCR 13 to PCR 14 in a commit, but PCR 14 was not added to the list of PCRs that seal/unseal the vault key. As a result, an attacker can remove the disk, use another server to modify the files in the config partition, and then re-insert the disk...

8.8 CVSS, 5.4 AI score, 0.0003 EPSS
Exploits: 0, References: 6
Positive Technologies
added 2026/02/04 12:0 a.m., 2 views

PT-2026-6369

Impact: Measured boot validates BIOS, grub, kernel cmdline, and initrd but not the entire rootfs. Thus, an attacker can create an EVE-OS rootfs squashfs image with some files modified and take out the disk and replace the existing rootfs image without that being detected by measured boot and remote...

8.8 CVSS, 8 AI score, 0.00028 EPSS
Exploits: 0, References: 8
SUSE CVE
added 2026/01/30 12:25 a.m., 3 views

SUSE CVE-2026-22261

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for alerts not triggered in a tx, can lead to severe slowdowns. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, disable XFF support in the eve...

5.3 CVSS, 5.9 AI score, 0.00099 EPSS
Exploits: 0, References: 3
RedhatCVE
added 2026/01/28 3:9 a.m., 2 views

CVE-2026-22261

A flaw was found in Suricata, a network Intrusion Detection System (IDS), Intrusion Prevention System (IPS), and Network Security Monitoring (NSM) engine. Various inefficiencies in its eXtended Forwarded For (XFF) handling, particularly for alerts not triggered in a transaction, can lead to severe...

5.3 CVSS, 5.7 AI score, 0.00099 EPSS
Exploits: 0, References: 7
NVD
added 2026/01/27 7:16 p.m., 3 views

CVE-2026-22261

Suricata is a network IDS, IPS and NSM engine. Prior to versions 8.0.3 and 7.0.14, various inefficiencies in xff handling, especially for alerts not triggered in a tx, can lead to severe slowdowns. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, disable XFF support in the eve...

5.3 CVSS, 0.00099 EPSS
Exploits: 0, References: 4