Keylime: attestation failure when the quote's signature does not validate
Description
A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Keylime verifier fails to flag a device as untrusted when a TPM quote signature is invalid, only logging the error.
Vulnerability
Overview
CVE-2023-3674 describes a flaw in the keylime attestation verifier component [1][2]. When a device submits a TPM quote whose cryptographic signature does not validate, the verifier does not mark the device as untrusted. Instead, it merely records the signature validation failure in a log entry, continuing to treat the device as attested [3].
Attack
Vector and Exploitation
This vulnerability can be exploited by an attacker who controls or compromises a remote device running a keylime agent. By submitting a TPM quote with an invalid signature (e.g., due to a forged or corrupted attestation key), the attacker can bypass integrity verification. No additional authentication is required beyond network access to the verifier endpoint, as the flaw lies in the verifier's failure to propagate the signature validation result into its trust decision [2].
Impact
A successful exploitation allows the attacker to have a compromised or untrusted device remain attested and trusted by the keylime system. This undermines the root-of-trust guarantees that keylime provides, potentially enabling malicious behavior such as the execution of unauthorized software or extraction of sensitive payloads that keylime manages [4].
Mitigation
Status
Red Hat released a fixed version (keylime-7.3.0-13.el9_3) via RHSA-2024:1139, which is patched in Red Hat Enterprise Linux 9 and 9.6 Extended Update Support [1]. Users should update to the latest package. The upstream keylime project likely addressed this in subsequent releases as well [4]. No workaround is documented; applying the patch is the recommended mitigation.
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
keylimePyPI | < 7.2.5 | 7.2.5 |
Affected products
10- Red Hat/Red Hat Enterprise Linux 9v5cpe:/a:redhat:enterprise_linux:9::appstreamRange: 0:7.3.0-13.el9_3
- ghsa-coords9 versionspkg:pypi/keylimepkg:rpm/almalinux/keylimepkg:rpm/almalinux/keylime-basepkg:rpm/almalinux/keylime-registrarpkg:rpm/almalinux/keylime-selinuxpkg:rpm/almalinux/keylime-tenantpkg:rpm/almalinux/keylime-verifierpkg:rpm/almalinux/python3-keylimepkg:rpm/opensuse/keylime&distro=openSUSE%20Tumbleweed
< 7.2.5+ 8 more
- (no CPE)range: < 7.2.5
- (no CPE)range: < 7.3.0-13.el9_3
- (no CPE)range: < 7.3.0-13.el9_3
- (no CPE)range: < 7.3.0-13.el9_3
- (no CPE)range: < 7.3.0-13.el9_3
- (no CPE)range: < 7.3.0-13.el9_3
- (no CPE)range: < 7.3.0-13.el9_3
- (no CPE)range: < 7.3.0-13.el9_3
- (no CPE)range: < 7.11.0-1.1
Patches
195ce3d86bd2ctpm_util: Replace a logger.error with an Exception in case of invalid signature
2 files changed · +22 −5
keylime/tpm/tpm_util.py+1 −5 modified@@ -3,7 +3,6 @@ import struct from typing import Any, Dict, List, Optional, Tuple, Union -from cryptography.exceptions import InvalidSignature from cryptography.hazmat import backends from cryptography.hazmat.primitives import hashes, hmac, serialization from cryptography.hazmat.primitives.asymmetric import ec, padding @@ -155,10 +154,7 @@ def checkquote( digest.update(quoteblob) quote_digest = digest.finalize() - try: - verify(pubkey, signature, quote_digest, hashfunc) - except InvalidSignature: - logger.error("Invalid quote signature!") + verify(pubkey, signature, quote_digest, hashfunc) # Check that reported nonce is expected one retDict = tpm2_objects.unmarshal_tpms_attest(quoteblob)
keylime/tpm/tpm_util_test.py+21 −0 modified@@ -2,6 +2,7 @@ import unittest from unittest import mock +from cryptography.exceptions import InvalidSignature from cryptography.hazmat.primitives.asymmetric.ec import ( SECP256R1, EllipticCurve, @@ -60,6 +61,26 @@ def test_checkquote(self) -> None: except Exception as e: self.fail(f"checkquote failed with {e}") + # test bad input + bad_quoteblob = bytearray(quoteblob) + bad_quoteblob[5] ^= 0x1 + with self.assertRaises(InvalidSignature): + checkquote(aikblob, nonce, sigblob, bad_quoteblob, pcrblob, "sha256") + + l = list(nonce) + l[0] = "a" + bad_nonce = "".join(l) + with self.assertRaises(Exception): + checkquote(aikblob, bad_nonce, sigblob, quoteblob, pcrblob, "sha256") + + bad_pcrblob = bytearray(pcrblob) + bad_pcrblob[5] ^= 0x1 + with self.assertRaises(Exception): + checkquote(aikblob, nonce, sigblob, quoteblob, bad_pcrblob, "sha256") + + with self.assertRaises(ValueError): + checkquote(aikblob, nonce, sigblob, quoteblob, pcrblob, "sha1") + @staticmethod def not_random(numbytes: int) -> bytes: return b"\x12" * numbytes
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
7- access.redhat.com/errata/RHSA-2024:1139ghsavendor-advisoryx_refsource_REDHATWEB
- github.com/advisories/GHSA-g4wg-cfpf-9689ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-3674ghsaADVISORY
- access.redhat.com/security/cve/CVE-2023-3674ghsavdb-entryx_refsource_REDHATWEB
- bugzilla.redhat.com/show_bug.cgighsaissue-trackingx_refsource_REDHATWEB
- github.com/keylime/keylime/commit/95ce3d86bd2c53009108ffda2dcf553312d733dbghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/keylime/PYSEC-2023-128.yamlghsaWEB
News mentions
0No linked articles in our index yet.