
Registrar vulnerable to Denial-of-service attack via a single open connection

Moderate
maugustosilva published GHSA-pg75-v6fp-8q59 Aug 1, 2023

Package

Keylime

Affected versions

<7.3.0

Patched versions

7.4.0

Description

Impact

The Keylime registrar is vulnerable to a simple denial-of-service attack: an adversary opens a single connection to the registrar's TLS port (port 8891 by default) and simply holds it open. For as long as that connection stays open, the registrar is blocked and cannot serve any further clients (agents or tenants), which prevents normal operation. Nothing beyond network reachability of the port is required. The verifier is not affected.
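The following Python model illustrates the failure mode described above. It is an added example, not Keylime's own code and not its registrar implementation: a minimal TCP request/response server on an ephemeral localhost port (plain TCP, no TLS, not port 8891) stands in for the registrar. `BlockingServer` handles one connection at a time and models the affected behaviour; `ThreadedServer` gives each connection its own thread and models a server that keeps serving while one idle connection is held open. The probe holds a single idle connection and then checks whether a second client still gets a reply within a short timeout.

```python
"""Model of the advisory's failure mode: one idle client blocking a server.

Added example, not Keylime's code. A minimal TCP server stands in for the
registrar (plain TCP on an ephemeral localhost port, no TLS, no port 8891).
"""
import socket
import socketserver
import threading

HOST = "127.0.0.1"


class LineHandler(socketserver.BaseRequestHandler):
    """Read one request and answer it.

    An idle client that never sends anything keeps recv() blocked; in a
    single-threaded server that also blocks the accept loop for everyone else.
    """

    def handle(self):
        data = self.request.recv(1024)
        if data:
            try:
                self.request.sendall(b"OK " + data)
            except OSError:
                pass  # client already gone; nothing to report


class BlockingServer(socketserver.TCPServer):
    """Serves connections strictly one after another (affected model)."""
    allow_reuse_address = True


class ThreadedServer(socketserver.ThreadingMixIn, socketserver.TCPServer):
    """Serves each connection in its own thread (fixed model)."""
    allow_reuse_address = True
    daemon_threads = True


def start_server(server_cls):
    """Bind to an ephemeral localhost port and serve in a background thread."""
    srv = server_cls((HOST, 0), LineHandler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def second_client_served(port, timeout=1.0):
    """Hold one idle connection open, then test whether a second client is served.

    Returns True if the second client gets a reply within `timeout` seconds,
    False if it is starved while the idle connection is held open. The TCP
    handshake of the second connection still succeeds (the kernel backlog
    accepts it), so the test must look at the application reply, not connect().
    """
    idle = socket.create_connection((HOST, port))  # never sends anything
    try:
        second = socket.create_connection((HOST, port), timeout=timeout)
        try:
            second.sendall(b"ping\n")
            return second.recv(1024) == b"OK ping\n"
        except socket.timeout:
            return False
        finally:
            second.close()
    finally:
        idle.close()


def run_scenario(server_cls):
    """Start a server of the given kind, run the probe, shut the server down."""
    srv = start_server(server_cls)
    try:
        return second_client_served(srv.server_address[1])
    finally:
        srv.shutdown()
        srv.server_close()


if __name__ == "__main__":
    print("single-threaded server serves second client:", run_scenario(BlockingServer))
    print("threaded server serves second client:      ", run_scenario(ThreadedServer))
```

The same probe pattern (hold one idle connection, time a second request) is how one would confirm the behaviour against a deployed registrar, except that the second request would have to complete a TLS handshake and issue a real registrar request instead of the plain `ping` used here; the point of the model is that the second client's TCP connect succeeds either way, so only an application-level reply within a timeout tells the two cases apart.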

Patches

Users should upgrade to release 7.4.0.

Credit

Reported by: Florian Kohnhäuser/@flozilla
Patched by: Florian Kohnhäuser/@flozilla

Severity

Moderate

CVE ID

CVE-2023-38200

Weaknesses

No CWEs