[Rpm-maint] [rpm-software-management/rpm] Multiple vulnerabilities in RPM (#1671)
Demi Marie Obenour
notifications at github.com
Wed May 5 04:30:50 UTC 2021
Through a combination of manual audits and fuzzing, I found several
vulnerabilities in RPM:
- RPM does not reject packages that have a signed header, but neither a
header+payload signature nor a payload digest. Furthermore, `rpmkeys
-K` reports `digests signatures OK` for such packages. Such a package
is obviously not validly signed, but RPM nevertheless accepts it.
This can be mitigated by setting `%_pkgverify_level` to `signature`
or `all`. I consider it a vulnerability as it violates an assumption
made by much of the RPM ecosystem: if a package has any signatures,
RPM will (by default) error out when trying to install it, unless
the entire package has been properly signed by a trusted key.
- RPM’s parser for OpenPGP packets has multiple memory unsafety
issues, including out-of-bounds reads and out-of-bounds pointer
arithmetic. On 32-bit systems, integer overflows and an infinite
loop are also possible. It may be possible to use this vulnerability
to modify a package (that is signed by a trusted key) such that
it still validates as properly signed, but installing it corrupts
the RPMDB.
I also found two issues that are not vulnerabilities per se, but which
I still believe should be fixed:
- RPM accepts signatures that are followed by other OpenPGP packets,
which are not valid. This opens additional attack surface.
- RPM does not (obviously) reject signatures that are of an incorrect
type. I am not sure that they do not wind up being rejected in other
ways, and even if they are not, I am not sure if this is helpful to
an attacker. But the fix is trivial, so I included it in the patch.
These vulnerabilities are no longer under embargo as of May 4, 2021. See https://www.openwall.com/lists/oss-security/2021/05/04/2.
You can view, comment on, or merge this pull request online at:
https://github.com/rpm-software-management/rpm/pull/1671
-- Commit Summary --
* Simplify OpenSSL crypto code
* Avoid double frees if EVP_PKEY_assign_RSA fails
* Fix OpenPGP parsing bugs
* Header signatures alone are not sufficient
* Fuzz harness for rpmReadPackageFile() and pgpPrtParams()
* Fix an undefined shift in the expression evaluator
-- File Changes --
M lib/package.c (39)
M lib/rpmvs.c (14)
M rpmio/digest_openssl.c (88)
M rpmio/expression.c (2)
M rpmio/rpmlog.c (2)
M rpmio/rpmlog.h (4)
M rpmio/rpmpgp.c (185)
M rpmio/rpmpgp.h (4)
A tests/data/RPMS/hello-2.0-1.x86_64-corrupted.rpm (0)
M tests/rpmsigdig.at (40)
-- Patch Links --
https://github.com/rpm-software-management/rpm/pull/1671.patch
https://github.com/rpm-software-management/rpm/pull/1671.diff
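The first finding hinges on which tags are present in the package's signature header and main header. The following Python checker is an added example (my own code, not the RPM project's and not part of this pull request) that parses the lead, the signature header and the main header of a `.rpm` byte string and classifies whether the signatures actually cover the payload. It assumes RPM's on-disk header layout and the tag numbers from `rpmtag.h`; the helper names and the sample packages it builds are constructed for the example and are not installable RPMs.

```python
"""Classify how an RPM package is signed by parsing its signature and main
headers. Added example, not code from the RPM project or this PR; the tag
numbers come from RPM's rpmtag.h, everything else is constructed here."""
import struct

LEAD_MAGIC = b"\xed\xab\xee\xdb"      # 96-byte lead at the start of every .rpm
HEADER_MAGIC = b"\x8e\xad\xe8\x01"    # header magic + version 1

# Signature-header tags (rpmtag.h)
RPMSIGTAG_PGP = 1002   # RSA signature over header + payload
RPMSIGTAG_GPG = 1005   # DSA signature over header + payload
RPMSIGTAG_DSA = 267    # DSA signature over the header only
RPMSIGTAG_RSA = 268    # RSA signature over the header only
# Main-header tag: payload digest, which a header-only signature covers
RPMTAG_PAYLOADDIGEST = 5092

# Byte width of fixed-size entry types: NULL, CHAR, INT8, INT16, INT32, INT64
FIXED_WIDTH = {0: 0, 1: 1, 2: 1, 3: 2, 4: 4, 5: 8}
TYPE_STRING, TYPE_BIN, TYPE_STRING_ARRAY, TYPE_I18NSTRING = 6, 7, 8, 9


def parse_header(buf, offset):
    """Parse one header structure at buf[offset] -> ({tag: (type, data)}, end).
    Every index entry is bounds-checked against the data region, so hostile
    nindex/hsize/offset values raise ValueError instead of over-reading."""
    if buf[offset:offset + 4] != HEADER_MAGIC or len(buf) < offset + 16:
        raise ValueError("bad or truncated header magic")
    nindex, hsize = struct.unpack(">II", buf[offset + 8:offset + 16])
    index_start = offset + 16
    data_start = index_start + 16 * nindex
    data_end = data_start + hsize
    if data_end > len(buf):
        raise ValueError("header truncated")
    data = buf[data_start:data_end]
    entries = {}
    for i in range(nindex):
        at = index_start + 16 * i
        tag, typ, off, count = struct.unpack(">IIII", buf[at:at + 16])
        if off > hsize:
            raise ValueError("index offset outside data region")
        if typ in FIXED_WIDTH:
            size = FIXED_WIDTH[typ] * count
        elif typ == TYPE_BIN:
            size = count
        elif typ in (TYPE_STRING, TYPE_STRING_ARRAY, TYPE_I18NSTRING):
            end = off
            for _ in range(count):            # count NUL-terminated strings
                nul = data.find(b"\0", end)
                if nul < 0:
                    raise ValueError("unterminated string entry")
                end = nul + 1
            size = end - off
        else:
            raise ValueError("unknown entry type %d" % typ)
        if off + size > hsize:
            raise ValueError("index entry overruns data region")
        entries[tag] = (typ, data[off:off + size])
    return entries, data_end


def signature_coverage(sig, hdr):
    """Decide what the signatures in the signature header actually cover."""
    header_only = RPMSIGTAG_RSA in sig or RPMSIGTAG_DSA in sig
    header_and_payload = RPMSIGTAG_PGP in sig or RPMSIGTAG_GPG in sig
    payload_digest = RPMTAG_PAYLOADDIGEST in hdr
    if header_and_payload or (header_only and payload_digest):
        return "signed-all"        # payload is bound to a signature
    if header_only:
        return "header-only"       # the case the report describes: reject
    return "unsigned"


def classify_package(rpm):
    """Return the coverage class for a whole .rpm byte string."""
    if len(rpm) < 96 or rpm[:4] != LEAD_MAGIC:
        raise ValueError("not an RPM lead")
    sig, end = parse_header(rpm, 96)
    end += (8 - end % 8) % 8           # signature header is padded to 8 bytes
    hdr, _ = parse_header(rpm, end)
    return signature_coverage(sig, hdr)


def is_well_formed(rpm):
    """True if both headers parse without any bounds violation."""
    try:
        classify_package(rpm)
        return True
    except ValueError:
        return False


def build_header(entries):
    """Serialise [(tag, type, bytes)] into a header structure (constructed
    test input only; real headers also sort and align their entries)."""
    index, data = b"", b""
    for tag, typ, blob in entries:
        count = len(blob) if typ == TYPE_BIN else 1
        index += struct.pack(">IIII", tag, typ, len(data), count)
        data += blob
    return (HEADER_MAGIC + b"\0" * 4
            + struct.pack(">II", len(entries), len(data)) + index + data)


def sample_package(sig_tags, with_payload_digest):
    """Constructed minimal .rpm with the given signature tags and, optionally,
    a payload digest entry in the main header. The signature blobs are dummy."""
    sig = build_header([(t, TYPE_BIN, b"\x89SIG") for t in sig_tags])
    sig += b"\0" * ((8 - len(sig) % 8) % 8)
    hdr_entries = [(1000, TYPE_STRING, b"hello\0")]          # RPMTAG_NAME
    if with_payload_digest:
        hdr_entries.append((RPMTAG_PAYLOADDIGEST, TYPE_STRING_ARRAY, b"deadbeef\0"))
    return LEAD_MAGIC + b"\0" * 92 + sig + build_header(hdr_entries)


if __name__ == "__main__":
    print(classify_package(sample_package([RPMSIGTAG_RSA], False)))  # header-only
```

The "header-only" result is the state the report says RPM accepted by default: the header signature is valid, but nothing binds the payload to it. A policy equivalent to `%_pkgverify_level signature` would refuse that class and allow only "signed-all".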
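The OpenPGP parser bugs in the second finding are bounds-checking mistakes, and the first non-vulnerability item is about trailing packets after a signature. As an added Python example (not `rpmpgp.c` from the project), here is a packet framer for the RFC 4880 section 4.2 length encodings that refuses truncated, partial-length and indeterminate-length packets and then enforces an "exactly one signature packet" rule. The function names and the byte strings in the test are constructed for the example.

```python
"""Bounds-checked OpenPGP packet framing (RFC 4880 section 4.2) plus the
"exactly one signature packet" rule. Added example, not the RPM project's
rpmpgp.c; function names and sample bytes are this example's own."""

TAG_SIGNATURE = 2


def _take(buf, pos, n):
    """Return (buf[pos:pos+n], new_pos) after proving those bytes exist.
    The comparison is on the remaining length rather than on pos + n, which
    is the sum that can wrap around in a 32-bit C parser."""
    if n > len(buf) - pos:
        raise ValueError("packet truncated at offset %d" % pos)
    return buf[pos:pos + n], pos + n


def _new_format_length(buf, pos):
    """Decode a new-format body length; returns (length, new_pos)."""
    first, pos = _take(buf, pos, 1)
    b0 = first[0]
    if b0 < 192:                                  # one-octet length
        return b0, pos
    if b0 < 224:                                  # two-octet length
        second, pos = _take(buf, pos, 1)
        return ((b0 - 192) << 8) + second[0] + 192, pos
    if b0 == 255:                                 # five-octet length
        four, pos = _take(buf, pos, 4)
        return int.from_bytes(four, "big"), pos
    # 224..254 is a partial body length, legal only for data packets and
    # never for a signature, so a verifier can reject it outright.
    raise ValueError("partial body length not allowed here")


def parse_packets(buf):
    """Split buf into [(tag, body)], refusing anything malformed or truncated."""
    packets, pos = [], 0
    while pos < len(buf):
        ctb = buf[pos]
        pos += 1
        if not ctb & 0x80:
            raise ValueError("invalid packet tag byte")
        if ctb & 0x40:                            # new-format header
            tag = ctb & 0x3F
            length, pos = _new_format_length(buf, pos)
        else:                                     # old-format header
            tag = (ctb >> 2) & 0x0F
            ltype = ctb & 0x03
            if ltype == 3:
                raise ValueError("indeterminate length not allowed")
            raw, pos = _take(buf, pos, 1 << ltype)  # 1, 2 or 4 length octets
            length = int.from_bytes(raw, "big")
        body, pos = _take(buf, pos, length)       # fails cleanly if short
        packets.append((tag, body))
    return packets


def check_signature_blob(buf):
    """Framing check a verifier should run before looking at signature fields."""
    try:
        packets = parse_packets(buf)
    except ValueError as e:
        return "malformed: " + str(e)
    if len(packets) != 1:
        return "rejected: expected exactly one packet, got %d" % len(packets)
    tag, _body = packets[0]
    if tag != TAG_SIGNATURE:
        return "rejected: packet tag %d is not a signature" % tag
    return "ok"


if __name__ == "__main__":
    # Constructed blobs: a lone signature packet, then one with a trailer.
    print(check_signature_blob(b"\xc2\x03abc"))             # ok
    print(check_signature_blob(b"\xc2\x03abc\xc2\x01z"))    # rejected
```

Every length check is phrased as "do at least n bytes remain" rather than "is pos + n within the buffer", which is the difference between a parser that fails closed on a hostile length and one that over-reads or, on a 32-bit build, wraps its offset.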