ghsa-9jxq-5x44-gx23
Vulnerability from github
Impact
The Keylime registrar implemented more strict type checking on version 7.12.0. As a result, when updated to version 7.12.0, the registrar will not accept the format of the data previously stored in the database by versions >= 7.8.0, raising an exception.
This makes the Keylime registrar vulnerable to a Denial-of-Service attack in an update scenario, as an attacker could populate the registrar database by creating multiple valid agent registrations with different UUIDs while the version is still < 7.12.0. Then, when the Keylime registrar is updated to the 7.12.0 version, any query to the database matching any of the entries populated by the attacker will result in failure.
Patches
Users should upgrade to versions >= 7.12.1
Workarounds
- Remove the registrar database and re-register all agents
Credit
Reported by: Anderson Toshiyuki Sasaki/@ansasaki Patched by: Anderson Toshiyuki Sasaki/@ansasaki
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "keylime"
},
"ranges": [
{
"events": [
{
"introduced": "7.12.0"
},
{
"fixed": "7.12.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"7.12.0"
]
}
],
"aliases": [
"CVE-2025-1057"
],
"database_specific": {
"cwe_ids": [
"CWE-1287",
"CWE-704"
],
"github_reviewed": true,
"github_reviewed_at": "2025-02-14T18:03:14Z",
"nvd_published_at": "2025-03-15T09:15:10Z",
"severity": "MODERATE"
},
"details": "### Impact\nThe Keylime `registrar` implemented more strict type checking on version 7.12.0. As a result, when updated to version 7.12.0, the `registrar` will not accept the format of the data previously stored in the database by versions \u003e= 7.8.0, raising an exception.\n\nThis makes the Keylime `registrar` vulnerable to a Denial-of-Service attack in an update scenario, as an attacker could populate the `registrar` database by creating multiple valid agent registrations with different UUIDs while the version is still \u003c 7.12.0. Then, when the Keylime `registrar` is updated to the 7.12.0 version, any query to the database matching any of the entries populated by the attacker will result in failure.\n\n### Patches\nUsers should upgrade to versions \u003e= 7.12.1\n\n### Workarounds\n- Remove the registrar database and re-register all agents\n\n### Credit\n\nReported by: Anderson Toshiyuki Sasaki/@ansasaki\nPatched by: Anderson Toshiyuki Sasaki/@ansasaki",
"id": "GHSA-9jxq-5x44-gx23",
"modified": "2025-03-15T20:47:38Z",
"published": "2025-02-14T18:03:14Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/keylime/keylime/security/advisories/GHSA-9jxq-5x44-gx23"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1057"
},
{
"type": "WEB",
"url": "https://github.com/keylime/keylime/commit/e08b10d86c3717006774e787542c190e2ba24fc7"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2025-1057"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343894"
},
{
"type": "PACKAGE",
"url": "https://github.com/keylime/keylime"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
],
"summary": "Keylime registrar is vulnerable to Denial-of-Service attack when updated to version 7.12.0"
}
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.