Описание
ELSA-2024-1139: keylime security update (LOW)
[7.3.0-13]
- Backport fix for CVE-2023-3674 Resolves: RHEL-21013
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
keylime
7.3.0-13.el9_3
keylime-base
7.3.0-13.el9_3
keylime-registrar
7.3.0-13.el9_3
keylime-selinux
7.3.0-13.el9_3
keylime-tenant
7.3.0-13.el9_3
keylime-verifier
7.3.0-13.el9_3
python3-keylime
7.3.0-13.el9_3
Oracle Linux x86_64
keylime
7.3.0-13.el9_3
keylime-base
7.3.0-13.el9_3
keylime-registrar
7.3.0-13.el9_3
keylime-selinux
7.3.0-13.el9_3
keylime-tenant
7.3.0-13.el9_3
keylime-verifier
7.3.0-13.el9_3
python3-keylime
7.3.0-13.el9_3
Связанные CVE
Связанные уязвимости
A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted.
A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted.
keylime fails to flag device as untrusted when signature does not validate