A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted.
Metrics
Affected Vendors & Products
References
History
Thu, 26 Sep 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-07-19T18:25:28.581Z
Updated: 2024-11-24T12:05:47.671Z
Reserved: 2023-07-14T12:39:01.155Z
Link: CVE-2023-3674
Vulnrichment
Updated: 2024-08-02T07:01:57.372Z
NVD
Status : Modified
Published: 2023-07-19T19:15:12.213
Modified: 2024-11-21T08:17:48.590
Link: CVE-2023-3674
Redhat