Bug 1213314 (CVE-2023-38201)

Summary: VUL-0: CVE-2023-38201: keylime: Challenge-response protocol between Registrar and (untrusted) Agent can be bypassed by an attacker
Product: [Novell Products] SUSE Security Incidents Reporter: Robert Frohl <rfrohl>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: meissner
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/372539/
Whiteboard: CVSSv3.1:SUSE:CVE-2023-38201:7.5:(AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Comment 3 Robert Frohl 2023-08-23 20:50:02 UTC 
Impact
A security issue was found in the Keylime registrar code which allows an attacker to effectively bypass the challenge-response protocol used to verify that an agent has indeed access to an AIK which in indeed related to the EK.

When an agent starts up, it will contact a registrar and provide a public EK and public AIK, in addition to the EK Certificate. This registrar will then challenge the agent to decrypt a challenge encrypted with the EK.

When receiving the wrong "auth_tag" back from the agent during activation, the registrar answers with an error message that contains the expected correct "auth_tag" (an HMAC which is calculated within the registrar for checking). An attacker could simply record the correct expected "auth_tag" from the HTTP error message and perform the activate call again with the correct expected "auth_tag" for the agent.

The security issue allows an attacker to pass the challenge-response protocol during registration with (almost) arbitrary registration data. In particular, the attacker can provide a valid EK Certificate and EK, which passes verification by the tenant (or registrar), while using a compromised AIK, which is stored unprotected outside the TPM and is unrelated to former two. The attacker then deliberately fails the initial activation call to get to know the correct "auth_tag" and then provides it in a subsequent activation call. This results in an agent which is (incorrectly) registered with a valid EK Certificate, but with a compromised/unrelated AIK.

Patches
Users should upgrade to release 7.4.0

Credit
Reported by: Florian Kohnhäuser/@flozilla
Patched-by: Marcio Silva/@maugustosilva

https://github.com/keylime/keylime/security/advisories/GHSA-f4r5-q63f-gcww
Comment 4 Alberto Planas Dominguez 2023-08-24 09:23:53 UTC 
Updated TW and SUSE:SLE-15-SP4:Update. Should be all.
Comment 6 Maintenance Automation 2023-09-05 12:42:01 UTC 
SUSE-SU-2023:3525-1: An update that solves one vulnerability can now be installed.

Category: security (important)
Bug References: 1213314
CVE References: CVE-2023-38201
Sources used:
openSUSE Leap 15.4 (src): keylime-6.3.2-150400.4.20.1
openSUSE Leap 15.5 (src): keylime-6.3.2-150400.4.20.1
Basesystem Module 15-SP4 (src): keylime-6.3.2-150400.4.20.1
Basesystem Module 15-SP5 (src): keylime-6.3.2-150400.4.20.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.