PT-2025-6825 · Keylime · Keylime

Published 2025-02-14 · Updated 2025-12-12 · CVE-2025-1057

CVSS v3.1: 4.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions: Keylime versions 7.8.0 through 7.12.0

Description: The issue arises from the Keylime registrar implementing stricter type checking in version 7.12.0, which causes it to reject data formats that versions 7.8.0 and later had previously stored in the database. This leads to a Denial-of-Service vulnerability: an attacker who populates the database with multiple valid agent registrations before the update to 7.12.0 causes registrar queries to fail after the update.

Recommendations: For Keylime versions 7.8.0 through 7.12.0, upgrade to version 7.12.1 or later. As a temporary workaround, consider removing the registrar database and re-registering all agents to minimize the risk of exploitation.

Fix

Weakness Enumeration

Incorrect Type Conversion or Cast

Related Identifiers

CVE-2025-1057
GHSA-9JXQ-5X44-GX23
OPENSUSE-SU-2025:14813-1
OPENSUSE-SU-2025:20159-1
SUSE-SU-2025:21194-1

Affected Products

Keylime