CVE-2022-23948

Published September 21st, 2022

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

A flaw was found in Keylime before 6.3.0. The logic in the Keylime agent for checking for a secure mount can be fooled by previously created unprivileged mounts allowing secrets to be leaked to other processes on the host.

keylime/keylime

A CNCF Project to Bootstrap & Maintain Trust on the Edge / Cloud and IoT

GitHub

538