Skip to content

Possible timing attack in derivation_endpoint

Moderate severity GitHub Reviewed Published Oct 4, 2020 in shrinerb/shrine • Updated May 16, 2023

Package

bundler shrine (RubyGems)

Affected versions

< 3.3.0

Patched versions

3.3.0

Description

Impact

When using the derivation_endpoint plugin, it's possible for the attacker to use a timing attack to guess the signature of the derivation URL.

Patches

The problem has been fixed by comparing sent and calculated signature in constant time, using Rack::Utils.secure_compare. Users using the derivation_endpoint plugin are urged to upgrade to Shrine 3.3.0 or greater.

Workarounds

Users of older Shrine versions can apply the following monkey-patch after loading the derivation_endpoint plugin:

class Shrine
  class UrlSigner
    def verify_signature(string, signature)
      if signature.nil?
        fail InvalidSignature, "missing \"signature\" param"
      elsif !Rack::Utils.secure_compare(signature, generate_signature(string))
        fail InvalidSignature, "provided signature does not match the calculated signature"
      end
    end
  end
end

References

You can read more about timing attacks here.

References

@janko janko published to shrinerb/shrine Oct 4, 2020
Reviewed Oct 5, 2020
Published to the GitHub Advisory Database Oct 5, 2020
Last updated May 16, 2023

Severity

Moderate
5.9
/ 10

CVSS base metrics

Attack vector
Network
Attack complexity
High
Privileges required
None
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Weaknesses

CVE ID

CVE-2020-15237

GHSA ID

GHSA-5jjv-x4fq-qjwp

Source code

Credits

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.