Количество 8
Количество 8
GHSA-xh5w-g8gq-r3v9
Keylime allows users to register new agents by recycling existing UUIDs when using different TPM devices
CVE-2025-13609
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls.
CVE-2025-13609
A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls.
RLSA-2025:23210
Important: keylime security update
RLSA-2025:23201
Important: keylime security update
ELSA-2025-23210
ELSA-2025-23210: keylime security update (IMPORTANT)
ELSA-2025-23201
ELSA-2025-23201: keylime security update (IMPORTANT)
openSUSE-SU-2025:20159-1
Security update for keylime
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-xh5w-g8gq-r3v9 Keylime allows users to register new agents by recycling existing UUIDs when using different TPM devices | CVSS3: 8.2 | 0% Низкий | 3 месяца назад |
 | CVE-2025-13609 A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls. | CVSS3: 8.2 | 0% Низкий | 3 месяца назад |
 | CVE-2025-13609 A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls. | CVSS3: 8.2 | 0% Низкий | 3 месяца назад |
 | RLSA-2025:23210 Important: keylime security update | 0% Низкий | около 2 месяцев назад | |
| RLSA-2025:23201 Important: keylime security update | 0% Низкий | около 2 месяцев назад | |
| ELSA-2025-23210 ELSA-2025-23210: keylime security update (IMPORTANT) | около 2 месяцев назад | ||
| ELSA-2025-23201 ELSA-2025-23201: keylime security update (IMPORTANT) | около 2 месяцев назад | ||
 | openSUSE-SU-2025:20159-1 Security update for keylime | 2 месяца назад |
Уязвимостей на страницу