
Release Notes — v0.9.0

@SammyOina released this 27 Mar 13:56
· 14 commits to main since this release
b44780d

⚠️ Security Advisory

This release addresses CVE-2026-33697 (GHSA-vfgg-mvxx-mgg7), a high-severity vulnerability in CoCoS attested TLS (aTLS).

CVE-2026-33697 — aTLS Vulnerable to Relay Attacks via Extracted Ephemeral TLS Keys

Severity: High (CVSS 7.5 / 10)

Affected versions: v0.4.0 – v0.8.2

Patched in: v0.9.0

The aTLS implementation was vulnerable to relay attacks across all versions from v0.4.0 through v0.8.2, affecting both AMD SEV-SNP and Intel TDX deployment targets. An attacker who extracted the ephemeral TLS private key — via physical hardware access, transient execution attacks, or side-channel attacks — could relay or divert an attested TLS session. Because attestation evidence was bound to the ephemeral key but not to the TLS channel, a client could not distinguish a genuine attested service from an attacker's relay.

This vulnerability class was formally analyzed and demonstrated across multiple aTLS implementations and disclosed to the IETF TLS Working Group.

Mitigations introduced in this release:

  • Post-handshake aTLS binding (#582) directly addresses the architectural weakness
  • Refactored attestation and aTLS subsystems (#562)

Recommended hardening measures:

  • Keep TEE firmware and microcode up to date to reduce the key-extraction surface
  • Define strict attestation policies that validate all available report fields, including firmware versions, TCB levels, and platform configuration registers
  • Enable mutual aTLS with CA-signed certificates where deployment architecture permits

Users on any version between v0.4.0 and v0.8.2 are strongly encouraged to upgrade to v0.9.0 immediately.

Highlights

This release introduces major architectural improvements including a dedicated attestation service, a new computation runner infrastructure, EAT (Entity Attestation Token) support, and significant refactoring of the attestation and aTLS subsystems.

New Features

Attestation Service

  • Introduced a dedicated attestation service with the agent refactored to use its gRPC client, improving separation of concerns and modularity (#558)
  • Added TDX policy tracking for improved Trust Domain Extensions support (#557)
  • Introduced Go-based CoRIM generation, deprecating Rust attestation policy scripts (#578)
  • Added EAT (Entity Attestation Token) support (#561)
  • Enabled interoperability with the CC Attestation Agent (#568)

Computation Infrastructure

  • Introduced computation runner, log forwarder, ingress proxy, and egress proxy services for a more robust execution environment (#559)
  • Implemented structured logging with log forwarding for ingress-proxy and computation-runner, along with improved aTLS initialization and error handling (#583)

Agent & aTLS

  • Added agent pull mode for fetching remote resources (#575)
  • Implemented post-handshake aTLS support — resolves CVE-2026-33697 (#582)

Improvements

  • Refactored attestation and aTLS subsystems for cleaner architecture and maintainability (#562)
  • Refactored result command to improve output path handling and update usage instructions (#549)
  • Enhanced OCI image extraction to return algorithm and requirements paths, with deferred cleanup for temporary files (#586)

Dependency Updates

Package                         From              To
golang.org/x/sync               0.17.0            0.18.0
golang.org/x/term               0.36.0 → 0.38.0   0.39.0
golang.org/x/crypto             0.43.0 → 0.46.0   0.47.0
github.com/docker/docker        28.5.1            28.5.2
cloud.google.com/go/storage     1.57.0 → 1.57.1   1.57.2
github.com/google/go-sev-guest  0.13.0            0.14.1
github.com/google/go-tpm-tools  0.4.6             0.4.7
go.opentelemetry.io/otel/trace  1.38.0            1.39.0
github.com/spf13/cobra          1.10.1            1.10.2
github.com/absmach/supermq      0.18.2            0.18.4

Full Changelog: v0.8.2 → v0.9.0