keylime-6.5.2-6.el9.ML.1
Errata ID: AXSA:2023-6400:04
Release date:
2023/09/20 Wednesday - 04:52
Title:
keylime-6.5.2-6.el9.ML.1
Affected channels:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
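The following issues have been addressed.
[Security Fix]
- The Keylime registrar accepts SSL connections and then blocks on them,
so a vulnerability exists that allows a remote attacker to cause a
denial of service via a large number of SSL connection requests.
(CVE-2023-38200)
- The Keylime registrar allows authentication by the challenge/response
protocol to be bypassed, so a vulnerability exists that allows an
attacker on an adjacent network to corrupt the registrar database by
registering a crafted agent in the list of verification targets.
(CVE-2023-38201)
Solution:
Update the packages.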
CVE:
CVE-2023-38200
A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.
CVE-2023-38201
A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.
Additional information:
N/A
Downloads:
SRPMS
- keylime-6.5.2-6.el9.ML.1.src.rpm
MD5: df67a93e630090632279d92deb397891
SHA-256: b3dc8b8cd3abcf6b42f935ef703b579524d9964658912c9d586a054c7db2d7ae
Size: 9.33 MB
Asianux Server 9 for x86_64
- keylime-6.5.2-6.el9.ML.1.x86_64.rpm
MD5: 10d6f50322203e76e1c7d53ac2ae3db1
SHA-256: 54064f96696fde3b297f00c6aabe09446339709e3bb28d8e92e4d5e559fc49d5
Size: 13.04 kB
- keylime-base-6.5.2-6.el9.ML.1.x86_64.rpm
MD5: c33de805a7e34468f67715efd6f932c9
SHA-256: 47d3e25d493610289d51c6e32b1305b1905e0818be9b1ff64988fea514abcb75
Size: 59.15 kB
- keylime-registrar-6.5.2-6.el9.ML.1.x86_64.rpm
MD5: 8f69c03f62c8eba1a8d9072a152e0072
SHA-256: 11b7f8165a7796336b3cff6e7d40be7802ebc38248ac3b6344c2837599474c43
Size: 16.06 kB
- keylime-selinux-6.5.2-6.el9.ML.1.noarch.rpm
MD5: ecf27cd9ea198d758b713e63901862ca
SHA-256: ff6a394a0fc25803a8b2ae01e6e3b9eb58e58e21a588def48ab204bb872b8984
Size: 23.08 kB
- keylime-tenant-6.5.2-6.el9.ML.1.x86_64.rpm
MD5: e3580cfec36eb54eb69dee0d96763297
SHA-256: 996efb64ea070d43dbad47cc25343c52fb464d966d09871d5fa43a1b4d52a108
Size: 15.67 kB
- keylime-verifier-6.5.2-6.el9.ML.1.x86_64.rpm
MD5: 1397bb5455bbb3811a87f8b0bc942117
SHA-256: c6954eeb17722e9f863c1eddb90cea9ddb649f787c750fcdc42292357949b1d4
Size: 17.87 kB
- python3-keylime-6.5.2-6.el9.ML.1.x86_64.rpm
MD5: ba46dff616a34880fc1a6192c3a6a11b
SHA-256: 3ee9b36aa24812d38e3dfe0177790438ba490fe48433763eb86dd71d2532bf55
Size: 339.00 kB