Primary

Context

Keylime Strict Type Checking Vulnerability Leading to Denial-of-Service

Vulnerability

Patched

A denial-of-service vulnerability exists in Keylime version 7.12.0 due to strict type checking that prevents the registrar from processing agent registration data from previous versions, such as 7.11.0. Older versions store registration data as bytes, while the updated registrar requires strings. This mismatch causes exceptions when handling registration requests, resulting in agent failures.

Impact

Exploitation of this vulnerability causes agents to fail during registration, leading to a denial-of-service condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

7.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.3

impact

2.5

exploitability

7.0

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Keylime Strict Type Checking Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Affected Products

Keylime

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating