Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5
CVE-2022-23948
- EPSS 0.32%
- Veröffentlicht 21.09.2022 19:15:09
- Zuletzt bearbeitet 29.05.2025 19:15:22
A flaw was found in Keylime before 6.3.0. The logic in the Keylime agent for checking for a secure mount can be fooled by previously created unprivileged mounts allowing secrets to be leaked to other processes on the host.
9.1
CVE-2022-1053
- EPSS 0.47%
- Veröffentlicht 06.05.2022 17:15:08
- Zuletzt bearbeitet 21.11.2024 06:39:56
Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows an attacker to use one AK, EK pair from a real TPM...
9.8
CVE-2021-3406
- EPSS 0.1%
- Veröffentlicht 25.02.2021 20:15:11
- Zuletzt bearbeitet 21.11.2024 06:21:25
A flaw was found in keylime 5.8.1 and older. The issue in the Keylime agent and registrar code invalidates the cryptographic chain of trust from the Endorsement Key certificate to agent attestations.