keylime-7.12.1-11.el9_7.4

エラータID: AXSA:2026-165:01

Release date: 
Thursday, February 12, 2026 - 14:54
Subject: 
keylime-7.12.1-11.el9_7.4
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution.

Security Fix(es):

* keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication (CVE-2026-1709)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-1709
A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate.

Solution: 

Update packages.

CVEs: 
CVE-2026-1709
A flaw was found in Keylime. The Keylime registrar, since version 7.12.0, does not enforce client-side Transport Layer Security (TLS) authentication. This authentication bypass vulnerability allows unauthenticated clients with network access to perform administrative operations, including listing agents, retrieving public Trusted Platform Module (TPM) data, and deleting agents, by connecting without presenting a client certificate.
Additional Info: 

N/A

Download: 

SRPMS
  1. keylime-7.12.1-11.el9_7.4.src.rpm
    MD5: 05a6bd8f8db73198f88143c1f18e9b95
    SHA-256: f4c747fc3cf122eb5415bd04c16c4b84f5a7452dd0489f861633d1a3f96d54d9
    Size: 9.64 MB

Asianux Server 9 for x86_64
  1. keylime-7.12.1-11.el9_7.4.x86_64.rpm
    MD5: b10e3ccac91fccc55133f2a0d738b1dc
    SHA-256: f9d299d8b04829a6770f025063e3f59736762e37841a98c33a485380a51bf44d
    Size: 13.14 kB
  2. keylime-base-7.12.1-11.el9_7.4.x86_64.rpm
    MD5: 2a70720bd6d14e98bcfb4bfafee777de
    SHA-256: 1b3c0538e66fbd6ebc9f78c17f23289adf1c377df2ad3c15209cf4d42a05aadc
    Size: 130.18 kB
  3. keylime-registrar-7.12.1-11.el9_7.4.x86_64.rpm
    MD5: caca25808c2842ac4ec3a02b843c1770
    SHA-256: 357f4a8484c223099781d322decc42cf742cc52ca5b307dbd4762dec1dd7804b
    Size: 17.56 kB
  4. keylime-selinux-7.12.1-11.el9_7.4.noarch.rpm
    MD5: ff88687dbd9d8ae706e7d41fda37d374
    SHA-256: f1be45be4372f256a92bdf9f40e9adc26dd5980992c9097123eef30ea4290470
    Size: 24.78 kB
  5. keylime-tenant-7.12.1-11.el9_7.4.x86_64.rpm
    MD5: 2b783fe3f41d4da829e3f254f36aa1eb
    SHA-256: bd6be67d9593bb164cfc64060df2d205a1c769e384f393fd04a9bf531c62c0a6
    Size: 16.04 kB
  6. keylime-verifier-7.12.1-11.el9_7.4.x86_64.rpm
    MD5: b3a9dcf647d3805d3764d7fcf82a0689
    SHA-256: 934a36bbc980ccb180e30cce78515b63e9c0a100a9ec98f19a9d66bd250cfea1
    Size: 18.93 kB
  7. python3-keylime-7.12.1-11.el9_7.4.x86_64.rpm
    MD5: 7a4d8cad0e6de18d8332c753ec4cd051
    SHA-256: 193eaf6be2d55060cb043b97eeecfb2caca6a5d41561cff8242958a60377c8c5
    Size: 675.37 kB