CVE-2022-3500

A vulnerability was found in keylime. In some circumstances, due to improperly handled exceptions, a rogue agent could create errors on the verifier that stop attestation attempts for that host, leaving the host in an attested state while it is no longer being verified.
Provider  Type     Base Score  Atk. Vector  Atk. Complexity  Priv. Required  Vector
NIST      Primary  5.1 MEDIUM  LOCAL        HIGH             NONE            CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Percentile: 35%
Affected Products (NVD)
Vendor   Product           Version
keylime  keylime           𝑥 < 6.5.1
redhat   enterprise_linux  9.0
𝑥 = Vulnerable software versions
Red Hat Enterprise Linux Releases
                   Red Hat Product  Release
keylime            RHEL 9           0:6.5.1-1.el9_1  fixed
keylime-base       RHEL 9           0:6.5.1-1.el9_1  fixed
keylime-registrar  RHEL 9           0:6.5.1-1.el9_1  fixed
keylime-selinux    RHEL 9           0:6.5.1-1.el9_1  fixed
keylime-tenant     RHEL 9           0:6.5.1-1.el9_1  fixed
keylime-verifier   RHEL 9           0:6.5.1-1.el9_1  fixed
python3-keylime    RHEL 9           0:6.5.1-1.el9_1  fixed