Linuxfoundation Edge_virtualization_engine

5 CVEs affecting Linuxfoundation Edge_virtualization_engine. Latest disclosed: 2023-09-21. Critical: 1, High: 4.

Top CVEs affecting Linuxfoundation Edge_virtualization_engine
CVESeverityScorePublishedSummary
CVE-2023-43632Critical9.02023-09-21 As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing limited functionality of the TPM to the cli…
CVE-2023-43631High8.82023-09-21 On boot, the Pillar eve container checks for the existence and content of “/config/authorized_keys”. If the file is present, and contains a supported public…
CVE-2023-43636High8.82023-09-20 In EVE OS, the “measured boot” mechanism prevents a compromised device from accessing the encrypted data located in the vault. As per the “measured boot” d…
CVE-2023-43635High8.82023-09-20 Vault Key Sealed With SHA1 PCRs The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update…
CVE-2023-43630High8.82023-09-20PCR14 is not in the list of PCRs that seal/unseal the “vault” key, but due to the change that was implemented in commit “7638364bc0acf8b5c481b5ce5fea11ad44ad7f…