CVE-2023-43630
PCR14 is not in the list of PCRs that seal/unseal the “vault” key, but due to the change that was implemented in commit “7638364bc0acf8b5c481b5ce5fea11ad44ad7fd4”, fixing this issue alone would not solve the problem of the config partition not being measured correctly. Also, the “vault” key is sealed/unsealed with SHA1 PCRs instead of SHA256. This issue was somewhat mitigated due to all of the PCR extend functions updating both the values of SHA256 and SHA1 for a given PCR ID. However, due to the change that was implemented in commit “7638364bc0acf8b5c481b5ce5fea11ad44ad7fd4”, this is no longer the case for PCR14, as the code in “measurefs.go” explicitly updates only the SHA256 instance of PCR14, which means that even if PCR14 were to be added to the list of PCRs sealing/unsealing the “vault” key, changes to the config partition would still not be measured. An attacker could modify the config partition without triggering the measured boot, this could result in the attacker gaining full control over the device with full access to the contents of the encrypted “vault”
EPSS 0.01% · 1.4th percentile
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| linuxfoundation | edge_virtualization_engine | 9.0.0, 9.0.0 |
| github.com | lf-edge/eve | 0, 0 |
| LF-Edge, Zededa | EVE OS | 9.0.0, 9.0.0 |
Timeline
- Sep 20, 2023 CVE Published
- Sep 22, 2023 EPSS Score
- Oct 24, 2023 EPSS Score
- Nov 25, 2023 EPSS Score
- Dec 27, 2023 EPSS Score
- Jan 28, 2024 EPSS Score
- Mar 1, 2024 EPSS Score
- Apr 2, 2024 EPSS Score
- May 4, 2024 EPSS Score
- Jun 5, 2024 EPSS Score
- Jul 7, 2024 EPSS Score
- Aug 8, 2024 EPSS Score
References
- https://asrg.io/security-advisories/cve-2023-43630/ url
- https://github.com/lf-edge/eve/security/advisories/GHSA-phcg-h58r-gmcq url
- https://nvd.nist.gov/vuln/detail/CVE-2023-43630 advisory
- https://github.com/lf-edge/eve/commit/d9383a7ee4e1c39f5c8c6d4a63cb2ebd00695e8a url
- https://asrg.io/security-advisories/config-partition-not-measured-from-2-fronts url
- https://asrg.io/security-advisories/cve-2023-43630 url
- https://github.com/lf-edge/eve package
- https://help.zededa.com/hc/en-us/articles/43295940828827-TPM-PCR-Index-Security-Implications url