GHSA-f4r5-q63f-gcww
Suggest an improvement- Source
- https://github.com/advisories/GHSA-f4r5-q63f-gcww
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/09/GHSA-f4r5-q63f-gcww/GHSA-f4r5-q63f-gcww.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-f4r5-q63f-gcww
- Aliases
- Published
- 2023-09-06T13:49:43Z
- Modified
- 2024-09-27T21:33:41.542939Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- 8.7 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N CVSS Calculator
- Summary
- Keylime registrar and (untrusted) Agent can be bypassed by an attacker
- Details
-
Impact
A security issue was found in the Keylime
registrarcode which allows an attacker to effectively bypass the challenge-response protocol used to verify that anagenthas indeed access to an AIK which in indeed related to the EK.When an
agentstarts up, it will contact aregistrarand provide a public EK and public AIK, in addition to the EK Certificate. Thisregistrarwill then challenge theagentto decrypt a challenge encrypted with the EK.When receiving the wrong "authtag" back from the
agentduring activation, theregistraranswers with an error message that contains the expected correct "authtag" (an HMAC which is calculated within theregistrarfor checking). An attacker could simply record the correct expected "authtag" from the HTTP error message and perform the activate call again with the correct expected "authtag" for theagent.The security issue allows an attacker to pass the challenge-response protocol during registration with (almost) arbitrary registration data. In particular, the attacker can provide a valid EK Certificate and EK, which passes verification by the
tenant(orregistrar), while using a compromised AIK, which is stored unprotected outside the TPM and is unrelated to former two. The attacker then deliberately fails the initial activation call to get to know the correct "auth_tag" and then provides it in a subsequent activation call. This results in anagentwhich is (incorrectly) registered with a valid EK Certificate, but with a compromised/unrelated AIK.Patches
Users should upgrade to release 7.5.0
- Database specific
{ "nvd_published_at": "2023-08-25T17:15:08Z", "cwe_ids": [ "CWE-639" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2023-09-06T13:49:43Z" }- References
-
- https://github.com/keylime/keylime/security/advisories/GHSA-f4r5-q63f-gcww
- https://nvd.nist.gov/vuln/detail/CVE-2023-38201
- https://github.com/keylime/keylime/commit/9e5ac9f25cd400b16d5969f531cee28290543f2a
- https://access.redhat.com/errata/RHSA-2023:5080
- https://access.redhat.com/security/cve/CVE-2023-38201
- https://bugzilla.redhat.com/show_bug.cgi?id=2222693
- https://github.com/keylime/keylime
- https://github.com/pypa/advisory-database/tree/main/vulns/keylime/PYSEC-2023-160.yaml
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZIZZB5NHNCS5D2AEH3ZAO6OQC72IK7WS
Affected packages
PyPI / keylime
Package
- Name
- keylime
- View open source insights on deps.dev
- Purl
- pkg:pypi/keylime