CVE-2023-3674 - OpenCVE

A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Keylime	Keylime
Fedoraproject	Fedora

Configuration 1 [-]

cpe:2.3:a:keylime:keylime:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*

References

Link	Resource
https://access.redhat.com/errata/RHSA-2024:1139
https://access.redhat.com/security/cve/CVE-2023-3674	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2222903	Issue Tracking Patch Third Party Advisory
https://github.com/keylime/keylime/commit/95ce3d86bd2c53009108ffda2dcf553312d733db	Patch

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2023-07-19T18:25:28.581Z

Updated: 2024-05-01T20:20:47.491Z

Reserved: 2023-07-14T12:39:01.155Z

Link: CVE-2023-3674

JSON object: View

NVD Information

Status : Modified

Published: 2023-07-19T19:15:12.213

Modified: 2024-04-25T13:15:50.787

Link: CVE-2023-3674

JSON object: View

Redhat Information

No data.

CWE

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2023-3674", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2023-07-14T12:39:01.155Z", "datePublished": "2023-07-19T18:25:28.581Z", "dateUpdated": "2024-05-01T20:20:47.491Z"}, "containers": {"cna": {"title": "Keylime: attestation failure when the quote's signature does not validate", "metrics": [{"other": {"content": {"value": "Low", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "keylime", "defaultStatus": "affected", "versions": [{"version": "0:7.3.0-13.el9_3", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2024:1139", "name": "RHSA-2024:1139", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2023-3674", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222903", "name": "RHBZ#2222903", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://github.com/keylime/keylime/commit/95ce3d86bd2c53009108ffda2dcf553312d733db"}], "datePublic": "2023-07-12T00:00:00+00:00", "problemTypes": [{"descriptions": [{"cweId": "CWE-1283", "description": "Mutable Attestation or Measurement Reporting Data", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-1283: Mutable Attestation or Measurement Reporting Data", "timeline": [{"lang": "en", "time": "2023-07-14T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2023-07-12T00:00:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Stefan Berger (IBM) for reporting this issue."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-05-01T20:20:47.491Z"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:keylime:keylime:*:*:*:*:*:*:*:*", "matchCriteriaId": "B302DE8A-15E2-4275-B8AB-A8350EEFF5E2", "versionEndExcluding": "7.2.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted."}], "id": "CVE-2023-3674", "lastModified": "2024-04-25T13:15:50.787", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.8, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 2.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 1.4, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2023-07-19T19:15:12.213", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2024:1139"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2023-3674"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222903"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://github.com/keylime/keylime/commit/95ce3d86bd2c53009108ffda2dcf553312d733db"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-1283"}], "source": "secalert@redhat.com", "type": "Secondary"}]}