A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2023:5080 | Third Party Advisory |
https://access.redhat.com/security/cve/CVE-2023-38200 | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2222692 | Issue Tracking Third Party Advisory |
https://github.com/keylime/keylime/pull/1421 | Patch |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
16 Sep 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
28 Dec 2023, 15:40
Type | Values Removed | Values Added |
---|---|---|
First Time |
Redhat enterprise Linux For Ibm Z Systems Eus
Redhat enterprise Linux Eus Redhat enterprise Linux For Power Little Endian Eus Redhat enterprise Linux Server Aus Redhat enterprise Linux For Power Little Endian Redhat enterprise Linux For Ibm Z Systems |
|
CPE | cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:* |
|
References | (MISC) https://access.redhat.com/errata/RHSA-2023:5080 - Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZIZZB5NHNCS5D2AEH3ZAO6OQC72IK7WS/ - Mailing List |
12 Nov 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 Sep 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
01 Aug 2023, 20:27
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/keylime/keylime/pull/1421 - Patch | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2222692 - Issue Tracking, Third Party Advisory | |
References | (MISC) https://access.redhat.com/security/cve/CVE-2023-38200 - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CWE | CWE-834 | |
First Time |
Keylime keylime
Fedoraproject Keylime Redhat Fedoraproject fedora Redhat enterprise Linux |
|
CPE | cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:a:keylime:keylime:-:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:* |
24 Jul 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-24 16:15
Updated : 2024-09-16 13:15
NVD link : CVE-2023-38200
Mitre link : CVE-2023-38200
CVE.ORG link : CVE-2023-38200
JSON object : View
Products Affected
redhat
- enterprise_linux
- enterprise_linux_for_ibm_z_systems
- enterprise_linux_for_power_little_endian_eus
- enterprise_linux_server_aus
- enterprise_linux_eus
- enterprise_linux_for_ibm_z_systems_eus
- enterprise_linux_for_power_little_endian
keylime
- keylime
fedoraproject
- fedora