CVE-2023-3674 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2023-3674 Interim 1 3 2023-07-20T23:18:58Z current 2023-07-14T23:20:43Z 2023-07-20T23:18:58Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2023-3674 A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP5 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP4 SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime keylime-agent keylime-config keylime-firewalld keylime-logrotate keylime-registrar keylime-tpm_cert_store keylime-verifier python3-keylime keylime-agent as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime-config as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime-firewalld as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime-logrotate as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime-registrar as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime-tpm_cert_store as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime-verifier as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 python3-keylime as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 keylime-agent as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 keylime-config as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 keylime-firewalld as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 keylime-logrotate as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 keylime-registrar as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 keylime-tpm_cert_store as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 keylime-verifier as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 python3-keylime as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 keylime as a component of SUSE Linux Enterprise Module for Basesystem 15 SP5 A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted. CVE-2023-3674 SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-agent SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-config SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-firewalld SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-logrotate SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-registrar SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-tpm_cert_store SUSE Linux Enterprise Module for Basesystem 15 SP4:keylime-verifier SUSE Linux Enterprise Module for Basesystem 15 SP4:python3-keylime SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime-agent SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime-config SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime-firewalld SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime-logrotate SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime-registrar SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime-tpm_cert_store SUSE Linux Enterprise Module for Basesystem 15 SP5:keylime-verifier SUSE Linux Enterprise Module for Basesystem 15 SP5:python3-keylime low 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N