PT-2023-28886 · Pcr14 · Pcr14

Ilay Levi · Published 2023-09-20 · Updated 2026-02-06 · CVE-2023-43630

CVSS v3.1: 8.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

No specific software or versions are mentioned in the provided descriptions.

Description

PCR14 is not in the list of PCRs used to seal/unseal the "vault" key. Because of a change implemented in a commit, fixing this alone would not solve the problem of the config partition not being measured correctly. The "vault" key is sealed/unsealed with SHA1 PCRs instead of SHA256. This was somewhat mitigated because all PCR extend functions updated both the SHA256 and SHA1 values for a given PCR ID. However, after the change in the commit, only the SHA256 instance of PCR14 is updated, so changes to the config partition would still not be measured even if PCR14 were added to the list of PCRs sealing/unsealing the "vault" key. An attacker could modify the config partition without triggering the measured boot, potentially gaining full control over the device with access to the encrypted "vault".
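
The interaction between the PCR list and the hash bank described above can be reproduced with a toy model of TPM PCR banks. This is an added example, not code from the affected project: the PCR indices other than 14, the config strings, all names and the simplified sealing digest are constructed assumptions.

```python
import hashlib

BANKS = {"sha1": hashlib.sha1, "sha256": hashlib.sha256}
BOOT_PCRS = (0, 1, 2, 4)  # constructed selection; the advisory does not list the real one
GOOD = b"server=controller.example"   # constructed config partition contents
TAMPERED = b"server=other.example"    # constructed modified contents

class ToyTPM:
    """Minimal model of per-bank PCRs (illustrative only, not a real TPM API)."""
    def __init__(self, pcr_count=24):
        # Every PCR starts as all zeroes, sized to its bank's digest length.
        self.pcrs = {b: [bytes(h().digest_size)] * pcr_count for b, h in BANKS.items()}

    def extend(self, index, data, banks=("sha1", "sha256")):
        # PCR_new = H(PCR_old || H(data)), applied only to the banks given.
        for b in banks:
            h = BANKS[b]
            self.pcrs[b][index] = h(self.pcrs[b][index] + h(data).digest()).digest()

    def seal_digest(self, bank, selection):
        # Simplified stand-in for the value a sealed key is bound to:
        # a hash over the selected PCRs of ONE bank.
        return hashlib.sha256(b"".join(self.pcrs[bank][i] for i in selection)).hexdigest()

def boot(config, pcr14_banks):
    """Replay a boot: measure boot components, then the config partition into PCR14."""
    tpm = ToyTPM()
    for i in BOOT_PCRS:
        tpm.extend(i, b"boot-component-%d" % i)
    tpm.extend(14, config, banks=pcr14_banks)
    return tpm

def tamper_unseals(bank, selection, pcr14_banks):
    """True if a key sealed on a GOOD boot still unseals after the config is TAMPERED."""
    sealed = boot(GOOD, pcr14_banks).seal_digest(bank, selection)
    return boot(TAMPERED, pcr14_banks).seal_digest(bank, selection) == sealed

if __name__ == "__main__":
    with14 = BOOT_PCRS + (14,)
    cases = [
        ("as reported: SHA1 bank, PCR14 not in list", "sha1", BOOT_PCRS, ("sha256",)),
        ("PCR14 added to list, SHA1 bank, SHA256-only extend", "sha1", with14, ("sha256",)),
        ("PCR14 in list, SHA1 bank, both banks extended", "sha1", with14, ("sha1", "sha256")),
        ("PCR14 in list, SHA256 bank", "sha256", with14, ("sha256",)),
    ]
    for label, bank, sel, ext in cases:
        print(f"{label}: tampered config unseals vault = {tamper_unseals(bank, sel, ext)}")
```

Only the last two cases detect the modified config; the second case shows why adding PCR14 to the list is not sufficient while the key is bound to the SHA1 bank and PCR14 is extended in SHA256 only.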

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Insufficiently Protected Credentials

Insecure Storage of Sensitive Information

Related Identifiers

CVE-2023-43630
GHSA-5JVG-8J6F-VPMC
GHSA-PHCG-H58R-GMCQ
GO-2026-4430
SUSE-SU-2026:0403-1

Affected Products

Pcr14