CVE-2025-1057

Опубликовано: 05 фев. 2025

Источник: redhat

CVSS3: 4.3

Описание

A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas the updated registrar expects str. This issue leads to an exception when processing agent registration requests, causing the agent to fail.

Отчет

Red Hat does not ship Keylime 7.12.0 in any supported product, and therefore, this vulnerability does not affect Red Hat customers. For users running third-party installations of Keylime, a flaw exists where strict type checking introduced in 7.12.0 prevents the registrar from processing database entries created by previous versions. This can lead to a denial of service when agents fail to register after an upgrade. Red Hat recommends users refer to upstream Keylime sources for mitigation guidance.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 10	keylime	Not affected
Red Hat Enterprise Linux 9	keylime	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-704

https://bugzilla.redhat.com/show_bug.cgi?id=2343894keylime: Keylime Registrar DoS Due to Incompatible Database Entry Handling

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2025-1057

CVSS3: 4.3

ubuntu

11 месяцев назад

CVE-2025-1057

CVSS3: 4.3

nvd

11 месяцев назад

GHSA-9jxq-5x44-gx23

CVSS3: 4.3

github

12 месяцев назад

Keylime registrar is vulnerable to Denial-of-Service attack when updated to version 7.12.0

openSUSE-SU-2025:20159-1

suse-cvrf

около 2 месяцев назад

Security update for keylime

4.3 Medium

CVSS3