Vulnerability	Vulnerable Version
M Authorization Bypass Through User-Controlled Key keylime is a TPM-based key bootstrapping and system integrity measurement system for cloud Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the `registrar` code, which allows an attacker to effectively bypass the challenge-response protocol used to verify that an agent has indeed access to an AIK, which in indeed related to the EK. When receiving the wrong `auth_tag` back from the agent during activation, the registrar answers with an error message containing the expected correct `auth_tag` (an HMAC calculated within the registrar for checking), which the attacker then uses. How to fix Authorization Bypass Through User-Controlled Key? Upgrade `keylime` to version 7.5.0 or higher.	[,7.5.0)

Authorization Bypass Through User-Controlled Key

keylime is a TPM-based key bootstrapping and system integrity measurement system for cloud

Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the registrar code, which allows an attacker to effectively bypass the challenge-response protocol used to verify that an agent has indeed access to an AIK, which in indeed related to the EK. When receiving the wrong auth_tag back from the agent during activation, the registrar answers with an error message containing the expected correct auth_tag (an HMAC calculated within the registrar for checking), which the attacker then uses.

How to fix Authorization Bypass Through User-Controlled Key?

Upgrade keylime to version 7.5.0 or higher.

[,7.5.0)

Go back to all versions of this package