Through a combination of manual audits and fuzzing, I found several vulnerabilities in RPM:
- RPM does not reject packages that have a signed header, but neither a header+payload signature nor a payload digest. Furthermore, `rpmkeys -K` reports `digests signatures OK` for such packages. Such a package is obviously not validly signed, but RPM nevertheless accepts it. This can be mitigated by setting `%_pkgverify_level` to `signature` or `all`. I consider it a vulnerability as it violates an assumption made by much of the RPM ecosystem: if a package has any signatures, RPM will (by default) error out when trying to install it, unless the entire package has been properly signed by a trusted key.
- RPM's parser for OpenPGP packets has multiple memory unsafety issues, including out-of-bounds reads and out-of-bounds pointer arithmetic. On 32-bit systems, integer overflows and an infinite loop are also possible. It may be possible to use this vulnerability to modify a package (that is signed by a trusted key) such that it still validates as properly signed, but installing it corrupts the RPMDB.

I also found two issues that are not vulnerabilities per se, but which I still believe should be fixed:
- RPM accepts signatures that are followed by other OpenPGP packets, which are not valid. This opens additional attack surface.
- RPM does not (obviously) reject signatures that are of an incorrect type. I am not sure that they do not wind up being rejected in other ways, and even if they are not, I am not sure if this is helpful to an attacker. But the fix is trivial, so I included it in the patch.

These vulnerabilities are no longer under embargo as of May 4, 2021. See https://www.openwall.com/lists/oss-security/2021/05/04/2.
You can view, comment on, or merge this pull request online at:

  https://github.com/rpm-software-management/rpm/pull/1671

-- Commit Summary --

  * Simplify OpenSSL crypto code
  * Avoid double frees if EVP_PKEY_assign_RSA fails
  * Fix OpenPGP parsing bugs
  * Header signatures alone are not sufficient
  * Fuzz harness for rpmReadPackageFile() and pgpPrtParams()
  * Fix an undefined shift in the expression evaluator

-- File Changes --

    M lib/package.c (39)
    M lib/rpmvs.c (14)
    M rpmio/digest_openssl.c (88)
    M rpmio/expression.c (2)
    M rpmio/rpmlog.c (2)
    M rpmio/rpmlog.h (4)
    M rpmio/rpmpgp.c (185)
    M rpmio/rpmpgp.h (4)
    A tests/data/RPMS/hello-2.0-1.x86_64-corrupted.rpm (0)
    M tests/rpmsigdig.at (40)

-- Patch Links --

https://github.com/rpm-software-management/rpm/pull/1671.patch
https://github.com/rpm-software-management/rpm/pull/1671.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1671
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
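The two non-vulnerability issues in the message above (a signature packet followed by further OpenPGP packets, and a signature of an unexpected type) are both framing checks on the raw OpenPGP signature blob. The following is an added Python illustration of what such strict framing checks look like; it is example code written for this page, not RPM's parser and not part of the pull request. It decodes RFC 4880 old- and new-format packet headers with every offset bounds-checked, requires exactly one packet, requires it to be a version 4 signature packet, and compares the signature type against 0x00 (binary document), which is assumed here to be the type a detached `gpg` signature carries. The sample packets are constructed for the demonstration and are not cryptographically valid.

```python
"""Strict framing checks for a detached OpenPGP signature blob (added example)."""
import struct

SIG_TAG = 2             # RFC 4880 packet tag for a signature packet
SIGTYPE_BINARY = 0x00   # assumed expected type: signature of a binary document


class PgpError(ValueError):
    """Raised for any framing problem; the caller treats the blob as unsigned."""


def _need(buf, off, n):
    """Return buf[off:off+n], refusing to read past the end of the buffer."""
    if off + n > len(buf):
        raise PgpError(f"truncated: need {n} byte(s) at offset {off}, have {len(buf) - off}")
    return buf[off:off + n]


def read_packet(buf, off):
    """Decode one packet header at off; return (tag, body, offset after the packet)."""
    ctb = _need(buf, off, 1)[0]
    off += 1
    if not ctb & 0x80:
        raise PgpError("bit 7 of packet header not set")
    if ctb & 0x40:  # new-format header: tag in low 6 bits, variable-width length
        tag = ctb & 0x3F
        first = _need(buf, off, 1)[0]
        off += 1
        if first < 192:
            length = first
        elif first < 224:
            second = _need(buf, off, 1)[0]
            off += 1
            length = ((first - 192) << 8) + second + 192
        elif first == 255:
            length = struct.unpack(">I", _need(buf, off, 4))[0]
            off += 4
        else:
            raise PgpError("partial body lengths not allowed in a detached signature")
    else:  # old-format header: tag in bits 2-5, length type in bits 0-1
        tag = (ctb >> 2) & 0x0F
        ltype = ctb & 0x03
        if ltype == 3:
            raise PgpError("indeterminate length not allowed in a detached signature")
        n = 1 << ltype  # 1, 2 or 4 length octets
        length = int.from_bytes(_need(buf, off, n), "big")
        off += n
    body = _need(buf, off, length)
    return tag, body, off + length


def check_signature_body(body):
    """Walk a v4 signature body with bounds checks; return the signature type."""
    if len(body) < 6:
        raise PgpError("signature body too short")
    version, sigtype = body[0], body[1]
    if version != 4:
        raise PgpError(f"unsupported signature version {version}")
    off = 4  # skip version, type, public-key algorithm, hash algorithm
    for _area in ("hashed", "unhashed"):
        n = struct.unpack(">H", _need(body, off, 2))[0]
        off += 2
        _need(body, off, n)  # the subpacket area must fit inside the body
        off += n
    _need(body, off, 2)  # left 16 bits of the signed hash
    off += 2
    mpis = 0
    while off < len(body):  # one MPI per algorithm component (RSA: 1, DSA: 2)
        bits = struct.unpack(">H", _need(body, off, 2))[0]
        off += 2
        nbytes = (bits + 7) // 8
        _need(body, off, nbytes)
        off += nbytes
        mpis += 1
    if mpis == 0:
        raise PgpError("signature carries no MPIs")
    return sigtype


def verify_signature_framing(blob, expected_sigtype=SIGTYPE_BINARY):
    """Accept only a single, well-framed signature packet of the expected type."""
    tag, body, end = read_packet(blob, 0)
    if tag != SIG_TAG:
        raise PgpError(f"expected signature packet (tag 2), got tag {tag}")
    if end != len(blob):
        raise PgpError(f"{len(blob) - end} trailing byte(s) after the signature packet")
    sigtype = check_signature_body(body)
    if sigtype != expected_sigtype:
        raise PgpError(f"signature type 0x{sigtype:02x}, expected 0x{expected_sigtype:02x}")
    return sigtype


def classify(blob):
    """Return "ok" or the reason the blob was rejected."""
    try:
        verify_signature_framing(blob)
        return "ok"
    except PgpError as exc:
        return str(exc)


def build_signature(sigtype=SIGTYPE_BINARY, new_format=False, mpi=b"\x01" * 32):
    """Constructed v4 signature packet with empty subpacket areas (not a real signature)."""
    bits = mpi[0].bit_length() + 8 * (len(mpi) - 1)
    body = bytes([4, sigtype, 1, 8]) + b"\x00\x00" + b"\x00\x00" + b"\xde\xad"
    body += struct.pack(">H", bits) + mpi
    if new_format:
        return bytes([0xC0 | SIG_TAG, len(body)]) + body   # body < 192 bytes
    return bytes([0x80 | (SIG_TAG << 2) | 1]) + struct.pack(">H", len(body)) + body


# Constructed inputs: good, good in new-format framing, wrong type, trailing packet, truncated.
GOOD = build_signature()
GOOD_NEW_FORMAT = build_signature(new_format=True)
WRONG_TYPE = build_signature(sigtype=0x01)
TRAILING = GOOD + bytes([0xC0 | 13, 3]) + b"abc"   # a user-ID packet appended after the signature
TRUNCATED = GOOD[:-5]

if __name__ == "__main__":
    for name, blob in [("good", GOOD), ("new-format", GOOD_NEW_FORMAT),
                       ("wrong-type", WRONG_TYPE), ("trailing", TRAILING), ("truncated", TRUNCATED)]:
        print(f"{name:>11}: {classify(blob)}")
```

The point of the bounds-checked `_need` helper is that a truncated or oversized length field produces a rejection rather than a read past the end of the buffer, which is the class of defect the message describes in RPM's own packet parser; the `end != len(blob)` comparison is the trailing-packet check, and the signature-type comparison is the "incorrect type" check.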