OpenCVE

In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Keylime	Keylime

Configuration 1 [-]

cpe:2.3:a:keylime:keylime:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/keylime/keylime/commit/ea5d0373fa2c050d5d95404eb779be7e8327b911
https://github.com/keylime/keylime/security/advisories/GHSA-9r9r-f8xc-m875
https://seclists.org/oss-sec/2022/q1/101

History

No history.

MITRE

Status: PUBLISHED

Assigner: fedora

Published: 2022-09-21T18:25:02

Updated: 2024-08-03T03:59:22.916Z

Reserved: 2022-01-25T00:00:00

Link: CVE-2022-23950

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-09-21T19:15:10.120

Modified: 2024-11-21T06:49:31.000

Link: CVE-2022-23950

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "keylime", "vendor": "n/a", "versions": [{"status": "affected", "version": "keylime 6.3.0"}]}], "descriptions": [{"lang": "en", "value": "In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-379", "description": "CWE-379", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-21T18:25:02", "orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://seclists.org/oss-sec/2022/q1/101"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/keylime/keylime/security/advisories/GHSA-9r9r-f8xc-m875"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/keylime/keylime/commit/ea5d0373fa2c050d5d95404eb779be7e8327b911"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "patrick@puiterwijk.org", "ID": "CVE-2022-23950", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "keylime", "version": {"version_data": [{"version_value": "keylime 6.3.0"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-379"}]}]}, "references": {"reference_data": [{"name": "https://seclists.org/oss-sec/2022/q1/101", "refsource": "MISC", "url": "https://seclists.org/oss-sec/2022/q1/101"}, {"name": "https://github.com/keylime/keylime/security/advisories/GHSA-9r9r-f8xc-m875", "refsource": "MISC", "url": "https://github.com/keylime/keylime/security/advisories/GHSA-9r9r-f8xc-m875"}, {"name": "https://github.com/keylime/keylime/commit/ea5d0373fa2c050d5d95404eb779be7e8327b911", "refsource": "MISC", "url": "https://github.com/keylime/keylime/commit/ea5d0373fa2c050d5d95404eb779be7e8327b911"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:59:22.916Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://seclists.org/oss-sec/2022/q1/101"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/keylime/keylime/security/advisories/GHSA-9r9r-f8xc-m875"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/keylime/keylime/commit/ea5d0373fa2c050d5d95404eb779be7e8327b911"}]}]}, "cveMetadata": {"assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "assignerShortName": "fedora", "cveId": "CVE-2022-23950", "datePublished": "2022-09-21T18:25:02", "dateReserved": "2022-01-25T00:00:00", "dateUpdated": "2024-08-03T03:59:22.916Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:keylime:keylime:*:*:*:*:*:*:*:*", "matchCriteriaId": "8BF970A4-62CA-4D1A-BDCC-4E5C717AD6C5", "versionEndExcluding": "6.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations."}, {"lang": "es", "value": "En Keylime versiones anteriores a 6.3.0, el notificador de revocaci\u00f3n usa una ruta /tmp fija para el socket de dominio UNIX que puede permitir a usuarios no privilegiado un m\u00e9todo para prohibir las operaciones de Keylime"}], "id": "CVE-2022-23950", "lastModified": "2024-11-21T06:49:31.000", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-21T19:15:10.120", "references": [{"source": "patrick@puiterwijk.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/keylime/keylime/commit/ea5d0373fa2c050d5d95404eb779be7e8327b911"}, {"source": "patrick@puiterwijk.org", "tags": ["Third Party Advisory"], "url": "https://github.com/keylime/keylime/security/advisories/GHSA-9r9r-f8xc-m875"}, {"source": "patrick@puiterwijk.org", "tags": ["Exploit", "Mailing List", "Patch", "Third Party Advisory"], "url": "https://seclists.org/oss-sec/2022/q1/101"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/keylime/keylime/commit/ea5d0373fa2c050d5d95404eb779be7e8327b911"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/keylime/keylime/security/advisories/GHSA-9r9r-f8xc-m875"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Patch", "Third Party Advisory"], "url": "https://seclists.org/oss-sec/2022/q1/101"}], "sourceIdentifier": "patrick@puiterwijk.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-379"}], "source": "patrick@puiterwijk.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-668"}], "source": "nvd@nist.gov", "type": "Primary"}]}