Bug 2458889 (CVE-2026-6420) - CVE-2026-6420 keylime: Keylime: Security bypass due to hardcoded TPM quote nonce
Summary: CVE-2026-6420 keylime: Keylime: Security bypass due to hardcoded TPM quote nonce
Keywords:
Status: NEW
Alias: CVE-2026-6420
Deadline: 2026-05-06
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Importance: medium medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2467584
Blocks:
Reported: 2026-04-16 06:03 UTC by OSIDB Bzimport
Modified: 2026-05-07 04:19 UTC (History)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2026-04-16 06:03:47 UTC
The Keylime verifier uses a hardcoded challenge nonce for TPM quote attestation instead of generating a cryptographically random value. An attacker with root access on an enrolled monitored machine (where the Keylime agent runs) can stockpile valid TPM quotes using tpm2_quote with the known nonce during the push attestation timeout window (defaulting to 10 seconds). The attacker can then compromise the system and replay these quotes to evade detection. Only the push model deployment is affected; the pull model does not use the affected code.

Requirements for exploitation: Root access on a legitimate, monitored machine (running a previously enrolled Keylime agent). The attacker stops the agent, generates quotes via tpm2_quote with the known nonce (system still clean, so PCR values are trusted), starts a replacement agent before the ~10s timeout expires, then compromises the system. Each stockpiled quote is usable once (clock monotonicity check prevents reuse).
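The following is an added illustration, not Keylime's code: a toy verifier in which an HMAC under a constructed key stands in for the TPM's attestation-key signature over (nonce, PCR digest, clock). It contrasts a verifier that reuses a fixed nonce with one that issues a fresh random nonce per challenge, and shows that stockpiled quotes only pass the fixed-nonce verifier, while the clock monotonicity check still stops the same quote from being accepted twice.

```python
import hmac
import secrets

# Constructed stand-ins: an HMAC key plays the role of the TPM attestation key,
# so an HMAC over (nonce, PCR digest, clock) plays the role of a signed quote.
AK_KEY = secrets.token_bytes(32)
HARDCODED_NONCE = b"\x00" * 20          # the weak, predictable challenge
GOLDEN_PCRS = b"clean-pcr-digest"       # PCR state the verifier trusts
TAMPERED_PCRS = b"rootkit-pcr-digest"   # PCR state after compromise

def tpm_quote(nonce, pcr_digest, clock):
    """Simulated tpm2_quote: binds nonce, PCR state and TPM clock under the AK."""
    msg = nonce + pcr_digest + clock.to_bytes(8, "big")
    return {"nonce": nonce, "pcrs": pcr_digest, "clock": clock,
            "sig": hmac.new(AK_KEY, msg, "sha256").digest()}

class Verifier:
    def __init__(self, fixed_nonce=None):
        self.fixed_nonce = fixed_nonce   # None -> fresh random nonce per challenge
        self.outstanding = None          # nonce the next quote must answer
        self.last_clock = -1             # state for the clock monotonicity check

    def challenge(self):
        self.outstanding = self.fixed_nonce or secrets.token_bytes(20)
        return self.outstanding

    def verify(self, quote):
        msg = quote["nonce"] + quote["pcrs"] + quote["clock"].to_bytes(8, "big")
        if not hmac.compare_digest(quote["sig"], hmac.new(AK_KEY, msg, "sha256").digest()):
            return False                          # forged quote
        if self.outstanding is None or quote["nonce"] != self.outstanding:
            return False                          # stale or unsolicited quote
        self.outstanding = None                   # each challenge is answered once
        if quote["clock"] <= self.last_clock:
            return False                          # older or identical quote replayed
        self.last_clock = quote["clock"]
        return quote["pcrs"] == GOLDEN_PCRS

def replay_attack(verifier):
    # While the machine is still clean, someone who knows the nonce can have the TPM
    # quote in advance (the stockpile described in the bug); the system is then compromised.
    stockpile = [tpm_quote(HARDCODED_NONCE, GOLDEN_PCRS, clock) for clock in (100, 200)]
    results = []
    for _ in range(3):
        verifier.challenge()
        quote = stockpile.pop(0) if stockpile else tpm_quote(verifier.outstanding, TAMPERED_PCRS, 300)
        results.append(verifier.verify(quote))
    return results                                # fixed nonce: [True, True, False]; random: all False

def reuse_same_quote():
    v = Verifier(fixed_nonce=HARDCODED_NONCE)
    q = tpm_quote(HARDCODED_NONCE, GOLDEN_PCRS, 100)
    v.challenge(); first = v.verify(q)
    v.challenge(); second = v.verify(q)           # same clock value -> rejected
    return [first, second]
```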

