ALSA-2026:2224

[ALSA-2026:2224] Critical: keylime security update

Type:

security

Severity:

critical

Release date:

2026-02-11

Description:

Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution.  

Security Fix(es):  

  * keylime: Keylime: Authentication bypass allows unauthorized administrative operations due to missing client-side TLS authentication (CVE-2026-1709)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	keylime-7.12.1-11.el9_7.4.aarch64.rpm	52859343a6f4ef948d9a5ea46cb5a06e930e9015706e030c1d161e39adeaf3d1
aarch64	keylime-base-7.12.1-11.el9_7.4.aarch64.rpm	99c0fb5d419aef2b02444efb62033cf29abd2692a529f6da878d3e7c52576f40
aarch64	keylime-tenant-7.12.1-11.el9_7.4.aarch64.rpm	a1f42e1de8d1288782d06daec4542882704fcf4b54581a13303fe9d735a7d962
aarch64	python3-keylime-7.12.1-11.el9_7.4.aarch64.rpm	c9aed70b1c944d24490ba69ba8995a8784a528b694be7d48638aacad26008689
aarch64	keylime-registrar-7.12.1-11.el9_7.4.aarch64.rpm	d052ab479fbdee122ccf4bad1792adbb783a1e1c0b1d33593888e9063cf9bcb9
aarch64	keylime-verifier-7.12.1-11.el9_7.4.aarch64.rpm	d0a683493a32288714cf33842c0f78815667a2d15ac89f0b43a84b750c0b9c07
noarch	keylime-selinux-7.12.1-11.el9_7.4.noarch.rpm	88ace794fbf4e50db3a4619a2caf1de44fce0c4e79733315d23fe3689d3a04b4
ppc64le	keylime-7.12.1-11.el9_7.4.ppc64le.rpm	096a841b8d60659ef5f39407703fee4e4118866763b0dc771e644c9bc080f7f4
ppc64le	python3-keylime-7.12.1-11.el9_7.4.ppc64le.rpm	250f7bd78a9a173a098ddde59fe4528229632754bd73e2e874b0d67d2aa91564
ppc64le	keylime-base-7.12.1-11.el9_7.4.ppc64le.rpm	9faa5a3cdb2e6d6eed92c139d80caf1db9b5b34d0f697ab802966240b434e7fc
ppc64le	keylime-registrar-7.12.1-11.el9_7.4.ppc64le.rpm	ade42142f98cc84f0f29de1578ddf7005b70133d1ac1aac74f5f298a55446336
ppc64le	keylime-tenant-7.12.1-11.el9_7.4.ppc64le.rpm	bb75742fe1e108f0a24d644313c4d5d1bf8532c4838e7c96e7a28bd5e499e513
ppc64le	keylime-verifier-7.12.1-11.el9_7.4.ppc64le.rpm	c4e2e57921e25a4c2ef4a70958bbbd49692eb0be3065cbac3e73543c30baf222
s390x	keylime-verifier-7.12.1-11.el9_7.4.s390x.rpm	1687edb22002ae52b1574a4dcab837d71f6d51c3c61c8cc9ce3f73b86331a944
s390x	keylime-registrar-7.12.1-11.el9_7.4.s390x.rpm	22efc21012f8ad98103f3db670fbf46badd70fd4c097b3f1411423c084220b2f
s390x	keylime-base-7.12.1-11.el9_7.4.s390x.rpm	69331f412f913365d286964bd2ae9a7cd4c017e26aab0791adec1edcf23bde52
s390x	keylime-tenant-7.12.1-11.el9_7.4.s390x.rpm	7897c901d3b588e4ca30ab789af352c729ace45c99ffaf53f98d864d946bec13
s390x	keylime-7.12.1-11.el9_7.4.s390x.rpm	8f580e942103f5e35f691f55f3618427bf6324106f28fae0435fbb7dff7c8539
s390x	python3-keylime-7.12.1-11.el9_7.4.s390x.rpm	99cb8a261a6cbc4c82766f7685cd49693fdc6b706ba5918b5c79cea0569c74e7
x86_64	keylime-tenant-7.12.1-11.el9_7.4.x86_64.rpm	74c7829e73fcdc8f55aa0a80efc7967768e19e35835b0d350948dc3e1604f486
x86_64	keylime-registrar-7.12.1-11.el9_7.4.x86_64.rpm	77a68c2cc84f03c931c149087528402a3fc46ab587783d072568ebbe89f68b39
x86_64	python3-keylime-7.12.1-11.el9_7.4.x86_64.rpm	7f3d09379c3756403688b5caf0d2f10f87394154e3019268c5e02db2c4e84357
x86_64	keylime-verifier-7.12.1-11.el9_7.4.x86_64.rpm	9fc39e7af3f2176dc323f4380592414c12af969ea201038948ec368630f9aed3
x86_64	keylime-7.12.1-11.el9_7.4.x86_64.rpm	e4010e2ef7f1dd8c82cf581d3a98577e41d7fef97b5ec8c058cbe828582335d1
x86_64	keylime-base-7.12.1-11.el9_7.4.x86_64.rpm	e8739df06e8a8ce8b72148578fc01d736ad03b1804f87e85986548bbf4955f25

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.