CVE-2022-23950

Published September 21st, 2022

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

In Keylime before 6.3.0, Revocation Notifier uses a fixed /tmp path for UNIX domain socket which can allow unprivileged users a method to prohibit keylime operations.

keylime/keylime

A CNCF Project to Bootstrap & Maintain Trust on the Edge / Cloud and IoT

GitHub

538