PT-2023-26333 · Keylime+3

Flozilla · Published 2023-07-24 · Updated 2024-09-16 · CVE-2023-38200

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: Keylime versions prior to 7.4.0

Description: A flaw was found in Keylime. Because the registrar handles connections in a blocking manner, it is subject to a remote denial of service against its SSL connections: an attacker can exhaust all available connections and prevent normal operation. The issue affects the registrar component, blocking further legitimate connections; the verifier is not affected. The problem can be exploited by opening a connection to the TLS port (port 8891 by default), which blocks the registrar and prevents it from serving clients, including agents and tenants.

Recommendations: Users of versions prior to 7.4.0 should upgrade to release 7.4.0 to resolve the issue. As a temporary workaround, consider restricting access to the TLS port (port 8891 by default) to minimize the risk of exploitation. Users can also consider disabling the registrar component until the upgrade is applied.
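The blocking pattern the description refers to, as an added illustration that is not part of this advisory or of Keylime's code base: a toy TCP server in Python whose accept loop finishes each connection's handshake inline, beside one that moves the handshake to a worker thread with a deadline. The TLS handshake is stood in for by a single greeting line, the port is an ephemeral loopback port, and every function name here is an assumption; the point is that one peer that connects and never completes the handshake stalls the first server but not the second.

```python
import socket
import threading
import time

# Constructed, simplified model of the defect class described above:
# a server whose accept loop completes each connection's "handshake"
# inline, so a single peer that connects and then sends nothing blocks
# every other client.  This is NOT Keylime's code; the TLS handshake is
# stood in for by reading one greeting line, and every name and port
# here is an assumption made for the illustration.

HANDSHAKE_TIMEOUT = 0.5   # seconds the hardened server waits for a greeting
CLIENT_TIMEOUT = 1.0      # how long the probing client waits for an answer


def _serve_one(conn, timeout):
    """Complete the toy handshake on one connection and answer it."""
    conn.settimeout(timeout)
    try:
        greeting = conn.recv(64)
        if greeting.startswith(b"HELLO"):
            conn.sendall(b"OK\n")
    except OSError:
        pass  # a peer that never speaks (timeout) or vanished is just dropped
    finally:
        conn.close()


def run_blocking_server(listener, stop):
    """Vulnerable pattern: handshake runs on the accept thread with no deadline."""
    while not stop.is_set():
        try:
            conn, _ = listener.accept()
        except OSError:
            break  # listener closed
        _serve_one(conn, timeout=None)   # nothing else is accepted meanwhile


def run_hardened_server(listener, stop):
    """Mitigated pattern: each handshake gets its own thread and a deadline."""
    while not stop.is_set():
        try:
            conn, _ = listener.accept()
        except OSError:
            break  # listener closed
        threading.Thread(target=_serve_one, args=(conn, HANDSHAKE_TIMEOUT),
                         daemon=True).start()


def legitimate_client_served(port):
    """Return True if a well-behaved client gets an answer within CLIENT_TIMEOUT."""
    with socket.create_connection(("127.0.0.1", port), timeout=CLIENT_TIMEOUT) as c:
        c.sendall(b"HELLO\n")
        try:
            return c.recv(16) == b"OK\n"
        except OSError:
            return False  # timed out waiting behind the idle peer


def demonstrate(server_fn):
    """Start server_fn on a loopback port, hold one idle connection open,
    then report whether a legitimate client can still be served."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))        # ephemeral port, loopback only
    listener.listen(16)
    port = listener.getsockname()[1]
    stop = threading.Event()
    threading.Thread(target=server_fn, args=(listener, stop), daemon=True).start()

    idle = socket.create_connection(("127.0.0.1", port))  # connects, never greets
    time.sleep(0.1)                        # let the server accept the idle peer
    try:
        return legitimate_client_served(port)
    finally:
        stop.set()
        idle.close()
        listener.close()


if __name__ == "__main__":
    print("blocking server still serves others:", demonstrate(run_blocking_server))
    print("hardened server still serves others:", demonstrate(run_hardened_server))
```

Running the file prints both results: the blocking variant reports False because the idle peer holds the only accept loop, the hardened variant reports True because the idle peer only occupies one worker thread until its deadline expires. The hardened variant shows the shape of the mitigation class (per-connection handshake with a timeout), not Keylime's actual 7.4.0 change, which this advisory does not describe.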

Tags: Fix · DoS · Resource Exhaustion


Weakness Enumeration

Related Identifiers

ALSA-2023:5080
CVE-2023-38200
GHSA-9GJG-834P-5GVV
GHSA-PG75-V6FP-8Q59
OPENSUSE-SU-2023_3245-1
OPENSUSE-SU-2024:13096-1
RHSA-2023:5080
RHSA-2023_5080
SUSE-SU-2023:3245-1
SUSE-SU-2023_3245-1

Affected Products

Almalinux
Keylime
Red Hat
Suse