A flaw was found in keylime 5.8.1 and older. The issue in the Keylime agent and registrar code invalidates the cryptographic chain of trust from the Endorsement Key certificate to agent attestations.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1932469 | Issue Tracking Third Party Advisory |
https://github.com/keylime/keylime/security/advisories/GHSA-78f8-6c68-375m | Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YAWKEF2LVXUME266T6RNRVBGAD375QAT/ | |
https://bugzilla.redhat.com/show_bug.cgi?id=1932469 | Issue Tracking Third Party Advisory |
https://github.com/keylime/keylime/security/advisories/GHSA-78f8-6c68-375m | Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YAWKEF2LVXUME266T6RNRVBGAD375QAT/ |
Configurations
History
21 Nov 2024, 06:21
Type | Values Removed | Values Added |
---|---|---|
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1932469 - Issue Tracking, Third Party Advisory | |
References | () https://github.com/keylime/keylime/security/advisories/GHSA-78f8-6c68-375m - Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YAWKEF2LVXUME266T6RNRVBGAD375QAT/ - |
07 Nov 2023, 03:37
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2021-02-25 20:15
Updated : 2024-11-21 06:21
NVD link : CVE-2021-3406
Mitre link : CVE-2021-3406
CVE.ORG link : CVE-2021-3406
JSON object : View
Products Affected
keylime
- keylime
fedoraproject
- fedora