https://bugs.kde.org/show_bug.cgi?id=409991
Bug ID: 409991
Summary: Manipulation of encrypted text allows plaintext recovery
Product: okular
Version: unspecified
Platform: Other
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: PDF backend
Assignee: okular-de...@kde.org
Reporter: certb...@bsi.bund.de
Target Milestone: ---

Created attachment 121625
  --> https://bugs.kde.org/attachment.cgi?id=121625&action=edit
The attached PDFs exploit the vulnerabilities for Okular v0.26.1. The password for the encrypted PDF files is 'pass'.

SUMMARY
The attached report analyzes PDF encryption and shows two novel techniques for breaking the confidentiality of encrypted documents. Firstly, the PDF feature of partially encrypted documents is abused to wrap the encrypted part of the document within attacker-controlled content and therefore exfiltrate the plaintext once the document is opened by a legitimate user. Secondly, abusing a flaw in the PDF encryption specification allows an attacker to arbitrarily manipulate encrypted content without knowing the corresponding key/password. The only requirement is one single block of known plaintext, which is fulfilled by design. By using exfiltration channels the attacks allow the recovery of the entire plaintext, or parts of it, within an encrypted document. The attacks rely only on standard-compliant PDF features.

The attacks described have been validated for widely used PDF viewers, proving many of them vulnerable. Workarounds in the various implementations may provide a short-term countermeasure. Adequate countermeasures rather need to be included as part of upcoming specifications. Therefore the issue has been escalated to the ISO working group on Crypto and Signatures and will be taken up in the next revision of the PDF spec.

Disclosure is currently planned for the end of August 2019. Please refrain from publishing any details before that date.

STEPS TO REPRODUCE
1. Open the attached 'exploit' PDFs in an affected Okular version (e.g. v0.26.1). The password for the encrypted PDF files is simply 'pass'.

OBSERVED RESULT
Upon decryption the confidential content is leaked.

SOFTWARE/OS VERSIONS
KDE Frameworks Version: 4.14.2
Qt Version: 4.8.2
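The second technique in the summary rests on the malleability of unauthenticated CBC mode. The following added example (not part of the report or of Okular) uses a stdlib-only stand-in block cipher and constructed sample blocks to show that one known plaintext block is enough to rewrite the following block to a chosen value without the key, and that an integrity tag (encrypt-then-MAC) rejects the altered ciphertext before decryption.

```python
import hashlib, hmac

BLOCK = 16
# Constructed sample values (not from the report): three 16-byte blocks.
KEY = b"example-key-16B!"
IV = b"\x00" * BLOCK
PLAINTEXT = b"%PDF-1.7 header " + b"1 0 obj <</K 1>>" + b"secret paragraph"

def xor(a, b): return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):
    # Feistel round function: keyed PRF truncated to half a block.
    return hmac.new(key + bytes([rnd]), half, hashlib.sha256).digest()[:BLOCK // 2]

def block_encrypt(key, block):
    # Stand-in 128-bit block cipher (4-round Feistel over HMAC-SHA256) so the
    # example is stdlib-only; the CBC malleability below is identical with AES.
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, xor(l, _f(key, i, r))
    return r + l

def block_decrypt(key, block):
    r, l = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = xor(r, _f(key, i, l)), l
    return l + r

def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for i in range(0, len(pt), BLOCK):
        prev = block_encrypt(key, xor(pt[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    out, prev = [], iv
    for i in range(0, len(ct), BLOCK):
        out.append(xor(block_decrypt(key, ct[i:i + BLOCK]), prev))
        prev = ct[i:i + BLOCK]
    return b"".join(out)

def rewrite_next_block(ct, i, known, wanted):
    # CBC malleability: P[i+1] = D(C[i+1]) ^ C[i], so XOR-ing (known ^ wanted)
    # into C[i] turns a known P[i+1] into `wanted` without the key; P[i] then
    # decrypts to garbage, which a viewer with no integrity check accepts.
    s, e = i * BLOCK, (i + 1) * BLOCK
    return ct[:s] + xor(ct[s:e], xor(known, wanted)) + ct[e:]

def mac(key, iv, ct): return hmac.new(key, iv + ct, hashlib.sha256).digest()

def verify_then_decrypt(key, iv, ct, tag):
    # Mitigation: encrypt-then-MAC rejects any ciphertext change before
    # decryption; unauthenticated CBC in PDF has no such check.
    return cbc_decrypt(key, iv, ct) if hmac.compare_digest(mac(key, iv, ct), tag) else None
```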