CVE-2023-43630
published 2023-09-20CVE-2023-43630: PCR14 is not in the list of PCRs that seal/unseal the “vault” key, but due to the change that was implemented in commit…
PriorityP343high8.8CVSS 3.1
AVLACLPRLUINSCCHIHAH
EPSS
0.11%
1.4th percentile
PCR14 is not in the list of PCRs that seal/unseal the “vault” key, but
due to the change that was implemented in commit
“7638364bc0acf8b5c481b5ce5fea11ad44ad7fd4”, fixing this issue alone would not solve the
problem of the config partition not being measured correctly.
Also, the “vault” key is sealed/unsealed with SHA1 PCRs instead of
SHA256.
This issue was somewhat mitigated due to all of the PCR extend functions
updating both the values of SHA256 and SHA1 for a given PCR ID.
However, due to the change that was implemented in commit
“7638364bc0acf8b5c481b5ce5fea11ad44ad7fd4”, this is no longer the case for PCR14, as
the code in “measurefs.go” explicitly updates only the SHA256 instance of PCR14, which
means that even if PCR14 were to be added to the list of PCRs sealing/unsealing the “vault”
key, changes to the config partition would still not be measured.
An attacker could modify the config partition without triggering the measured boot, this could
result in the attacker gaining full control over the device with full access to the contents of the
encrypted “vault”
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | lf-edge_eve | >= 0 < 0.0.0-20230126065759-d9383a7ee4e1 | 0.0.0-20230126065759-d9383a7ee4e1 |
| lf-edge_zededa | eve_os | >= 9.0.0 < 9.5.0 | 9.5.0 |
| linuxfoundation | edge_virtualization_engine | >= 9.0.0 < 9.5.0 | 9.5.0 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
EVE Doesn't Measure Config Partition From 2 Fronts in github.com/lf-edge/eve
osv·2026-02-05
CVE-2023-43630 EVE Doesn't Measure Config Partition From 2 Fronts in github.com/lf-edge/eve
EVE Doesn't Measure Config Partition From 2 Fronts in github.com/lf-edge/eve
EVE Doesn't Measure Config Partition From 2 Fronts in github.com/lf-edge/eve
GHSA
EVE Doesn't Measure Config Partition From 2 Fronts
ghsa·2026-02-04
CVE-2023-43630 [MEDIUM] CWE-328 EVE Doesn't Measure Config Partition From 2 Fronts
EVE Doesn't Measure Config Partition From 2 Fronts
### Impact
PCR14 is not included in the list of PCRs that seal/unseal the vault key. Additionally, the vault key uses SHA1 PCRs instead of SHA256.
Thus an attacker with physical access can take out the disk, use a different computer to modify the files in the /config partition, and re-insert the disk and boot without the change being detected by measured boot and remote attestation.
### Patches
Fixed in EVE version 9.4.3-lts
### Workarounds
None (apart from preventing physical access to the device)
### Resources
https://help.zededa.com/hc/en-us/articles/43295940828827-TPM-PCR-Index-Security-Implications
https://github.com/lf-edge/eve/commit/d9383a7ee4e1c39f5c8c6d4a63cb2ebd00695e8a
OSV
EVE Doesn't Measure Config Partition From 2 Fronts
osv·2026-02-04
CVE-2023-43630 [MEDIUM] EVE Doesn't Measure Config Partition From 2 Fronts
EVE Doesn't Measure Config Partition From 2 Fronts
### Impact
PCR14 is not included in the list of PCRs that seal/unseal the vault key. Additionally, the vault key uses SHA1 PCRs instead of SHA256.
Thus an attacker with physical access can take out the disk, use a different computer to modify the files in the /config partition, and re-insert the disk and boot without the change being detected by measured boot and remote attestation.
### Patches
Fixed in EVE version 9.4.3-lts
### Workarounds
None (apart from preventing physical access to the device)
### Resources
https://help.zededa.com/hc/en-us/articles/43295940828827-TPM-PCR-Index-Security-Implications
https://github.com/lf-edge/eve/commit/d9383a7ee4e1c39f5c8c6d4a63cb2ebd00695e8a
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-09-20
Published