The vault key is sealed using SHA1 PCRs instead of SHA256 PCRs
An attacker with physical access to an EVE-OS device can therefore try to brute-force a kernel or rootfs image that carries malicious content but produces the same SHA1 PCR value.
Fixed in 9.4.3-lts and 10.1.0
None
0.0.0-20230519072751-977f42b07fa9
Exploitability: AV:P / AC:H / PR:L / UI:N
Scope: S:C
Impact: C:H / I:H / A:N
CVSS score: 6.7 (CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N)
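A key sealed to PCRs is released only when the selected bank holds the value recorded at sealing time, so the binding is only as strong as that bank's hash. The Go sketch below is an added example, not EVE-OS code: it is a simplified model of PCR extend for both banks plus an audit check that rejects a SHA1 bank. The names `Bank`, `Replay`, `Unsealable` and `CheckBank` are hypothetical, and the images are constructed byte strings.

```go
package main

import (
	"bytes"
	"crypto/sha1"
	"crypto/sha256"
	"fmt"
	"hash"
)

// Bank is one TPM PCR bank: its name and hash constructor.
type Bank struct {
	Name string
	New  func() hash.Hash
}
var SHA1Bank, SHA256Bank = Bank{"sha1", sha1.New}, Bank{"sha256", sha256.New}
// Replay applies the TPM extend rule PCR_new = H(PCR_old || H(image)) per image.
func Replay(b Bank, images [][]byte) []byte {
	pcr := make([]byte, b.New().Size()) // model: the PCR resets to all zero bytes
	for _, img := range images {
		m := b.New()
		m.Write(img)
		e := b.New()
		e.Write(pcr)
		e.Write(m.Sum(nil))
		pcr = e.Sum(nil)
	}
	return pcr
}

// Unsealable reports whether the booted images reproduce the sealed PCR value.
func Unsealable(b Bank, sealed []byte, booted [][]byte) bool {
	return bytes.Equal(Replay(b, booted), sealed)
}

// CheckBank (hypothetical audit helper) rejects any bank other than sha256.
func CheckBank(b Bank) error {
	if b.Name != SHA256Bank.Name {
		return fmt.Errorf("key sealed to %s PCR bank, want sha256", b.Name)
	}
	return nil
}

func main() {
	imgs := [][]byte{[]byte("kernel (constructed)"), []byte("rootfs (constructed)")}
	for _, b := range []Bank{SHA1Bank, SHA256Bank} {
		fmt.Printf("%s: %d-bit PCR, check: %v\n", b.Name, 8*len(Replay(b, imgs)), CheckBank(b))
	}
}
```

The unseal decision reduces to one digest comparison in the chosen bank, which is why the bank selection at sealing time matters more than which banks the TPM happens to populate.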