keylime: Keylime: Registrar allows identity takeover via duplicate UUID registration

A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module TPM device but claiming an existing agent's unique identifier UUID. This action overwrites the legitimate agent's identity, enabling the...

GHSA-XH5W-G8GQ-R3V9 Keylime allows users to register new agents by recycling existing UUIDs when using different TPM devices

A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module TPM device but claiming an existing agent's unique identifier UUID. This action overwrites the legitimate agent's identity, enabling the...

Keylime 安全漏洞

Keylime is an open source extensible trust system utilizing TPM technology from Keylime Open Source. A security vulnerability exists in Keylime that stems from the ability of an attacker to register a new agent and override the identity of a legitimate agent, potentially leading to a bypass of...