FVP-02-003 General: Balrog incorrectly verifies certificate chain #798

Closed
bakulf opened this issue Apr 7, 2021 · 2 comments
Assignees
Labels
p3 Low Criticality Issues
Milestone

Comments

@bakulf
Collaborator

bakulf commented Apr 7, 2021

It was found that Balrog does not properly verify the certificate chain, permitting rogue root certificates and their fellowship to pass. The attacker-controlled leaf certificate holds a public key that will be used to verify the update used in Windows and macOS. This signifies the risk of state-funded attackers who are in charge of a trusted certificate authority being able to perform Man-in-the-Middle attacks on the TLS connection initiated by Mozilla VPN to receive updates. Attackers can now replace the binary code of the update with malicious malware, bypassing the Balrog mechanism that intends to detect those attacks.


@bakulf bakulf added p3 Low Criticality Issues audit-issue labels Apr 7, 2021
@bakulf
Collaborator Author

bakulf commented Apr 8, 2021

@birdsarah can I assign this bug to you?

@birdsarah birdsarah self-assigned this Apr 8, 2021
@bakulf bakulf modified the milestone: v2.2 Apr 9, 2021
@lesleyjanenorton lesleyjanenorton added this to Triage parking lot in Mozilla VPN Product Board via automation Apr 14, 2021
@lesleyjanenorton lesleyjanenorton moved this from Triage parking lot to Backlog in Mozilla VPN Product Board Apr 14, 2021
@birdsarah birdsarah added this to the Release v2.3 milestone Apr 16, 2021
@rbillings rbillings moved this from Backlog to Next Up / To Do in Mozilla VPN Product Board Apr 16, 2021
@birdsarah birdsarah moved this from Next Up / To Do to In progress in Mozilla VPN Product Board Apr 29, 2021
@birdsarah
Collaborator

Closed via #993

Mozilla VPN Product Board automation moved this from In progress to Done/Merged May 10, 2021