Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Through a combination of manual audits and fuzzing, I found several
vulnerabilities in RPM:
RPM does not reject packages that have a signed header, but neither a
header+payload signature nor a payload digest. Furthermore,
rpmkeys -K
reportsdigests signatures OK
for such packages. Such a packageis obviously not validly signed, but RPM nevertheless accepts it.
This can be mitigated by setting
%_pkgverify_level
tosignature
or
all
. I consider it a vulnerability as it violates an assumptionmade by much of the RPM ecosystem: if a package has any signatures,
RPM will (by default) error out when trying to install it, unless
the entire package has been properly signed by a trusted key.
RPM’s parser for OpenPGP packets has multiple memory unsafety
issues, including out-of-bounds reads and out-of-bounds pointer
arithmetic. On 32-bit systems, integer overflows and an infinite
loop are also possible. It may be possible to use this vulnerability
to modify a package (that is signed by a trusted key) such that
it still validates as properly signed, but installing it corrupts
the RPMDB.
I also found two issues that are not vulnerabilities per se, but which
I still believe should be fixed:
RPM accepts signatures that are followed by other OpenPGP packets,
which are not valid. This opens additional attack surface.
RPM does not (obviously) reject signatures that are of an incorrect
type. I am not sure that they do not wind up being rejected in other
ways, and even if they are not, I am not sure if this is helpful to
an attacker. But the fix is trivial, so I included it in the patch.
These vulnerabilities are no longer under embargo as of May 4, 2021. See https://www.openwall.com/lists/oss-security/2021/05/04/2.