Moderate: Red Hat Security Advisory: keylime security update

An update for keylime is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

keylime: Keylime: Security bypass due to hardcoded TPM quote nonce

A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...

[SECURITY] Fedora 43 Update: keylime-7.14.2-1.fc43

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...

[SECURITY] Fedora 44 Update: keylime-7.14.2-1.fc44

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution...

Fedora 44 : keylime (2026-9064cdf8ef)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-9064cdf8ef advisory. Updating for Keylime release v7.14.2: - This includes the fix for CVE-2026-6420. - Update keylime-selinux policy to the latest version 44.1.0 Tenable has...

Fedora 43 : keylime (2026-513c495139)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-513c495139 advisory. Updating for Keylime release v7.14.2: - This includes the fix for CVE-2026-6420. - Update keylime-selinux policy to the latest version 44.1.0 Tenable has...

[SECURITY] Fedora 44 Update: keylime-agent-rust-0.2.9-2.fc44

The Keylime agent...

[SECURITY] Fedora 43 Update: keylime-agent-rust-0.2.9-2.fc43

The Keylime agent...

Fedora 43 : keylime-agent-rust (2026-30a8b60b25)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-30a8b60b25 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

Fedora 44 : keylime-agent-rust (2026-9002354692)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9002354692 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

keylime-config-7.14.2-1.1 on GA media (moderate)

keylime-config-7.14.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10779-1 Rating: moderate Cross-References: CVE-2026-6420 CVSS scores: CVE-2026-6420 SUSE : 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L CVE-2026-6420 SUSE : 8.3...

OPENSUSE-SU-2026:10779-1 keylime-config-7.14.2-1.1 on GA media

These are all security issues fixed in the keylime-config-7.14.2-1.1 package on the GA media of openSUSE Tumbleweed...

EUVD-2026-27657

Keylime has a hardcoded attestation challenge nonce that allows replay attacks...

GHSA-WC6P-4GWJ-JCR8 Duplicate Advisory: Keylime has a hardcoded attestation challenge nonce that allows replay attacks

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-q8w6-w55c-ccv5. This link is maintained to preserve external references. Original Description A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent...

Duplicate Advisory: Keylime has a hardcoded attestation challenge nonce that allows replay attacks

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-q8w6-w55c-ccv5. This link is maintained to preserve external references. Original Description A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent...

CVE-2026-6420

A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...

CVE-2026-6420 Keylime: keylime: security bypass due to hardcoded tpm quote nonce

A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...

CVE-2026-6420

A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...

CVE-2026-6420

CVE-2026-6420 affects Keylime: a flaw in the verifier uses a hardcoded TPM quote nonce instead of a cryptographically random value. An attacker with root on an enrolled monitored machine where the Keylime agent runs can stockpile valid TPM quotes and replay them to evade detection after compromis...

CVE-2026-6420 Keylime: keylime: security bypass due to hardcoded tpm quote nonce

A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...