Bug 1193999 - AUDIT-FIND: keylime: Key Exchange and Bootstrap Protocol Susceptible to Replay Attacks
Classification: Novell Products
Product: SUSE Security Incidents
Component: Audits
Hardware: Other
OS: Other
Priority: P5 - None
Severity: Normal
Target Milestone: ---
Assigned To: Security Team bot
Depends on:
Blocks: 1191739
Reported: 2021-12-22 11:06 UTC by Matthias Gerstner
Modified: 2022-01-28 11:02 UTC (History)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Description Matthias Gerstner 2021-12-22 11:06:57 UTC
This is to keep track of the keylime review report issue 2.d:

Authentic payloads being passed from the tenant to the agent should be
reasonably safe from attackers (when not considering issue c)), since the two
halves of the symmetric key are encrypted using the per-agent node RSA public
key. The bootstrap protocol seems to be susceptible to certain replay attacks,
however. Since the interface does not employ transport security, the
bootstrap protocol can simply be recorded and replayed to activate an
authentic configuration payload. This could e.g. be used by an attacker to
activate an outdated or even insecure older configuration of the agent node.
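The record-and-replay described in the report, as an added toy model (not code from the review report, this bug, or keylime itself): a tenant builds a bootstrap message whose two key halves are encrypted to the agent's key and whose configuration payload is encrypted under the combined key; an eavesdropper on the unprotected transport cannot read it but can copy it and present it again later, rolling the agent back to the older configuration. The second agent shows one hypothetical freshness fix (an agent-issued one-shot nonce that the tenant must echo inside the encrypted half); it is an illustration, not the upstream fix this bug later refers to, and it addresses only freshness, not sender authentication (the separate issue c) the description sets aside). The RSA parameters, field names and sample configurations are all constructed for this example.

```python
"""Toy model of a tenant -> agent bootstrap and a replay of a recorded run.
Not keylime code. The per-agent key pair is textbook RSA with tiny, insecure,
hypothetical primes, applied byte by byte, purely so the recorded message is
opaque to the eavesdropper yet trivially copyable."""
import hashlib
import hmac
import secrets
from typing import List, Optional, Tuple

P, Q, E = 61, 53, 17                 # hypothetical tiny RSA parameters (toy only)
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))    # agent-side private exponent
NONCE_LEN = 16


def encrypt_to_agent(data: bytes) -> List[int]:
    """Tenant side: encrypt to the agent's public key, one byte per block."""
    return [pow(b, E, N) for b in data]


def decrypt_on_agent(cipher: List[int]) -> bytes:
    """Agent side: only the holder of D recovers the plaintext."""
    return bytes(pow(c, D, N) for c in cipher)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def keystream(key: bytes, length: int) -> bytes:
    """Toy stream cipher for the payload: sha256(key || counter) blocks."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def tenant_bootstrap(config: bytes, nonce: bytes = b"") -> dict:
    """One bootstrap message: symmetric key K is split into halves U and V, both
    encrypted to the agent's key, and the configuration payload is encrypted
    under K. With nonce=b"" this is the unbound, replayable form."""
    k = secrets.token_bytes(16)
    u = secrets.token_bytes(16)
    v = xor(k, u)
    return {
        "u": encrypt_to_agent(nonce + u),   # nonce, if any, rides inside the ciphertext
        "v": encrypt_to_agent(v),
        "payload": xor(config, keystream(k, len(config))),
    }


def _decrypt_payload(u: bytes, msg: dict) -> bytes:
    k = xor(u, decrypt_on_agent(msg["v"]))
    return xor(msg["payload"], keystream(k, len(msg["payload"])))


class VulnerableAgent:
    """Nothing in the message is tied to the agent's current session, so a
    recorded message decrypts and activates again, however old it is."""

    def __init__(self) -> None:
        self.config: Optional[bytes] = None

    def activate(self, msg: dict) -> bool:
        self.config = _decrypt_payload(decrypt_on_agent(msg["u"]), msg)
        return True


class HardenedAgent:
    """Hypothetical freshness fix: the agent issues a one-shot nonce per
    bootstrap and the tenant must return it inside the RSA-encrypted half."""

    def __init__(self) -> None:
        self.config: Optional[bytes] = None
        self.pending: Optional[bytes] = None

    def begin(self) -> bytes:
        self.pending = secrets.token_bytes(NONCE_LEN)
        return self.pending

    def activate(self, msg: dict) -> bool:
        if self.pending is None:
            return False
        plain = decrypt_on_agent(msg["u"])
        nonce, u = plain[:NONCE_LEN], plain[NONCE_LEN:]
        if not hmac.compare_digest(nonce, self.pending):
            return False                  # stale or foreign session: replay rejected
        self.pending = None               # consume the nonce before acting on it
        self.config = _decrypt_payload(u, msg)
        return True


def replay_against_vulnerable() -> Tuple[Optional[bytes], bool]:
    """Record the v1 bootstrap, let the tenant move to v2, then replay v1."""
    agent = VulnerableAgent()
    recorded = tenant_bootstrap(b"config-v1-old")   # copied off the wire by the attacker
    agent.activate(recorded)
    agent.activate(tenant_bootstrap(b"config-v2-new"))
    accepted = agent.activate(recorded)
    return agent.config, accepted         # (b"config-v1-old", True): rolled back


def replay_against_hardened() -> Tuple[Optional[bytes], bool]:
    agent = HardenedAgent()
    recorded = tenant_bootstrap(b"config-v1-old", nonce=agent.begin())
    agent.activate(recorded)
    agent.activate(tenant_bootstrap(b"config-v2-new", nonce=agent.begin()))
    agent.begin()                         # a session is open, but under a different nonce
    accepted = agent.activate(recorded)
    return agent.config, accepted         # (b"config-v2-new", False)
```

The point of the comparison is that confidentiality of the key halves is not what the replay defeats: the recorded message is as authentic the second time as the first, and only a per-session value the agent itself chose and checks (the toy nonce here, or transport-level protection in practice) lets the agent tell a live bootstrap from a recording.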
Comment 1 Matthias Gerstner 2021-12-22 11:07:53 UTC
I didn't practically reproduce this finding but from the theory it looks like
a valid concern. Should it not apply after all we can still close the bug.
Comment 2 Matthias Gerstner 2022-01-26 15:35:52 UTC
Upstream decided not to assign a dedicated CVE for the replay attack aspect.
The bugfix is the same as for the arbitrary code execution depicted in bug

Formally it could have been suitable for a separate CVE but I guess it's okay
to simplify the administration of all this a bit.

Therefore I'm closing this bug as INVALID.
Comment 3 Matthias Gerstner 2022-01-28 09:32:24 UTC
The issue is public now, same as in bug 1193998.
Comment 4 Matthias Gerstner 2022-01-28 11:02:29 UTC
This one we can close right away since it didn't receive a CVE.