SUSE CVE-2022-23950

In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations...

CVE-2022-23950

In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations...

CVE-2022-23950

In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations...

Design/Logic Flaw

In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations...

CVE-2022-23950

In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations...

CVE-2022-23950

In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations...

CVE-2022-23950

In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations...

PT-2022-16361 · Keylime · Keylime

Name of the Vulnerable Software and Affected Versions: Keylime versions prior to 6.3.0 Description: The issue arises from the Revocation Notifier in Keylime using a fixed /tmp path for a UNIX domain socket. This can be exploited by unprivileged users to prohibit Keylime operations. Recommendation...