High severityNVD Advisory· Published Jul 24, 2023· Updated Nov 20, 2025
Keylime: registrar is subject to a dos against ssl connections
CVE-2023-38200
Description
A flaw was found in Keylime. Due to their blocking nature, the Keylime registrar is subject to a remote denial of service against its SSL connections. This flaw allows an attacker to exhaust all available connections.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
keylimePyPI | < 7.4.0 | 7.4.0 |
Affected products
13- cpe:/a:redhat:enterprise_linux:9::appstreamRange: 0:6.5.2-6.el9_2
- ghsa-coords12 versionspkg:pypi/keylimepkg:rpm/almalinux/keylimepkg:rpm/almalinux/keylime-basepkg:rpm/almalinux/keylime-registrarpkg:rpm/almalinux/keylime-selinuxpkg:rpm/almalinux/keylime-tenantpkg:rpm/almalinux/keylime-verifierpkg:rpm/almalinux/python3-keylimepkg:rpm/opensuse/keylime&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/keylime&distro=openSUSE%20Leap%2015.5pkg:rpm/suse/keylime&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/keylime&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5
< 7.4.0+ 11 more
- (no CPE)range: < 7.4.0
- (no CPE)range: < 6.5.2-6.el9_2.alma.1
- (no CPE)range: < 6.5.2-6.el9_2.alma.1
- (no CPE)range: < 6.5.2-6.el9_2.alma.1
- (no CPE)range: < 6.5.2-6.el9_2.alma.1
- (no CPE)range: < 6.5.2-6.el9_2.alma.1
- (no CPE)range: < 6.5.2-6.el9_2.alma.1
- (no CPE)range: < 6.5.2-6.el9_2.alma.1
- (no CPE)range: < 6.3.2-150400.4.17.1
- (no CPE)range: < 6.3.2-150400.4.17.1
- (no CPE)range: < 6.3.2-150400.4.17.1
- (no CPE)range: < 6.3.2-150400.4.17.1
Patches
Vulnerability mechanics
References
9- access.redhat.com/errata/RHSA-2023:5080mitrevendor-advisoryx_refsource_REDHAT
- github.com/advisories/GHSA-pg75-v6fp-8q59ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-38200ghsaADVISORY
- access.redhat.com/security/cve/CVE-2023-38200ghsavdb-entryx_refsource_REDHATWEB
- bugzilla.redhat.com/show_bug.cgighsaissue-trackingx_refsource_REDHATWEB
- github.com/keylime/keylime/commit/c68d8f0b7ea549c12b6956ab0f3c28ae0360ae17ghsaWEB
- github.com/keylime/keylime/pull/1421ghsaWEB
- github.com/keylime/keylime/releases/tag/v7.4.0ghsaWEB
- github.com/keylime/keylime/security/advisories/GHSA-pg75-v6fp-8q59ghsaWEB
News mentions
0No linked articles in our index yet.