A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2023-07-19T18:25:28.581Z
Updated: 2024-09-16T17:05:47.634Z
Reserved: 2023-07-14T12:39:01.155Z
Link: CVE-2023-3674
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-07-19T19:15:12.213
Modified: 2024-04-25T13:15:50.787
Link: CVE-2023-3674
Redhat