Bug 2416806
| Summary: | CVE-2025-13609 keylime: Keylime: Registrar allows identity takeover via duplicate UUID registration [fedora-42] | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Marco Benatto <mbenatto> |
| Component: | keylime | Assignee: | Anderson Sasaki <ansasaki> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 42 | CC: | ansasaki, dueno, scorreia |
| Target Milestone: | --- | Keywords: | Security, SecurityTracking |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | {"flaws": ["56d6a15d-cde3-44e3-8e16-38b33646e401"]} | ||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2026-04-01 08:13:00 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2416761 | ||
|
Description
Marco Benatto
2025-11-24 17:46:10 UTC
FEDORA-2026-c2b5451b35 (keylime-7.14.1-1.fc42 and keylime-agent-rust-0.2.9-1.fc42) has been submitted as an update to Fedora 42. https://bodhi.fedoraproject.org/updates/FEDORA-2026-c2b5451b35 FEDORA-2026-c2b5451b35 has been pushed to the Fedora 42 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2026-c2b5451b35` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2026-c2b5451b35 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates. FEDORA-2026-c2b5451b35 (keylime-7.14.1-1.fc42 and keylime-agent-rust-0.2.9-1.fc42) has been pushed to the Fedora 42 stable repository. If problem still persists, please make note of it in this bug report. Closing this as 7.14.1 was delivered as update and resolves this issue: f42: https://bodhi.fedoraproject.org/updates/FEDORA-2026-c2b5451b35 f43: https://bodhi.fedoraproject.org/updates/FEDORA-2026-e5027335a3 f44: https://bodhi.fedoraproject.org/updates/FEDORA-2026-2b8b223cf0 f45: https://bodhi.fedoraproject.org/updates/FEDORA-2026-2c67764d9f |