CVE-2023-38200

A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
Affected Products (NVD)
VendorProductVersion
keylimekeylime
-
redhatenterprise_linux
9.0
redhatenterprise_linux_eus
9.2
redhatenterprise_linux_for_ibm_z_systems
9.0_s390x:_s390x
redhatenterprise_linux_for_ibm_z_systems_eus
9.2_s390x:_s390x
redhatenterprise_linux_for_power_little_endian
9.0_ppc64le:_ppc64le
redhatenterprise_linux_for_power_little_endian_eus
9.0_ppc64le:_ppc64le
redhatenterprise_linux_server_aus
9.2
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
keylime
bionic
ignored
focal
dne
jammy
dne
lunar
dne
trusty
ignored
xenial
ignored
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
keylime
RHEL 9
0:6.5.2-6.el9_2
fixed
keylime-base
RHEL 9
0:6.5.2-6.el9_2
fixed
keylime-registrar
RHEL 9
0:6.5.2-6.el9_2
fixed
keylime-selinux
RHEL 9
0:6.5.2-6.el9_2
fixed
keylime-tenant
RHEL 9
0:6.5.2-6.el9_2
fixed
keylime-verifier
RHEL 9
0:6.5.2-6.el9_2
fixed
python3-keylime
RHEL 9
0:6.5.2-6.el9_2
fixed
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2023:5080
https://access.redhat.com/security/cve/CVE-2023-38200
https://bugzilla.redhat.com/show_bug.cgi?id=2222692
https://github.com/keylime/keylime/pull/1421
https://access.redhat.com/errata/RHSA-2023:5080
https://access.redhat.com/security/cve/CVE-2023-38200
https://bugzilla.redhat.com/show_bug.cgi?id=2222692
https://github.com/keylime/keylime/pull/1421
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZIZZB5NHNCS5D2AEH3ZAO6OQC72IK7WS/