From oss-security:

On 01/01/2013 12:22 AM, Kurt Seifried wrote:
> On 12/28/2012 06:06 PM, KB Sriram wrote:
>> Versions of GnuPG <= 1.4.12 are vulnerable to memory access violations and public keyring database corruption when importing public keys that have been manipulated.
>
>> An OpenPGP key can be fuzzed in such a way that gpg segfaults (or has other memory access violations) when importing the key.
>
>> The key may also be fuzzed such that gpg reports no errors when examining the key (eg: "gpg the_bad_key.pkr") but importing it causes gpg to corrupt its public keyring database.
>
>> The database corruption issue was first reported on Dec 6th, through the gpg bug tracking system:
>
>> https://bugs.g10code.com/gnupg/issue1455
>
>> The subsequent memory access violation was discovered and reported in a private email with the maintainer on Dec 20th.
>
>> A zip file with keys that causes segfaults and other errors is available at http://dl.dropbox.com/u/18852638/gnupg-issues/1455.zip and includes a log file that demonstrates the issues [on MacOS X and gpg 1.4.11]
>
>> A new version of gpg -- 1.4.13 -- that addressed both these issues, was independently released by the maintainer on Dec 20th.
>
>> The simplest solution is to upgrade all gpg installs to 1.4.13.
>
>> [Workarounds: A corrupted database may be recovered by manually copying back the pubring.gpg~ backup file. Certain errors may also be prevented by never directly importing a key, but first just "looking" at the key (eg: "gpg bad_key.pkr"). However, this is not guaranteed to work in all cases; though upgrading to 1.4.13 does work for the issues reported.]
>
>> Discovery:
>
>> The problem was discovered during a byte-fuzzing test of OpenPGP certificates for an unrelated application. Each byte in turn was replaced by a random byte, and the modified certificate fed to the application to check that it handled errors correctly. Gpg was used as a control, but it itself turned out to have errors related to packet parsing. The errors are generally triggered when fuzzing the length field of OpenPGP packets, which cascades into subsequent errors in certain situations.
>
>> -kb
>
> Has this been assigned a CVE identifier yet?

Spoke with upstream, confirmed things. Please use CVE-2012-6085 for this issue.
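The report above traces the failures to fuzzed OpenPGP packet length fields. As an added illustration that is not GnuPG's code or the reporter's PoC, here is a small bounds-checked walker for OpenPGP packet headers (RFC 4880 section 4.2) that reports a manipulated length as an error instead of reading past the end of the buffer; the key blobs at the bottom are constructed for the example.

```python
# Added example, not GnuPG's code: a bounds-checked OpenPGP packet walker.
class PacketError(ValueError):
    """A packet header or length field is inconsistent with the data."""

def parse_header(buf, off):
    """Parse the packet header (RFC 4880 s4.2) at buf[off:] and return
    (tag, body_start, body_len). Every read is checked against the bytes
    actually present, so a fuzzed length is an error, not an over-read."""
    if off >= len(buf) or not buf[off] & 0x80:
        raise PacketError("invalid packet header at offset %d" % off)
    ctb, pos = buf[off], off + 1
    if ctb & 0x40:                       # new-format header
        tag = ctb & 0x3F
        if pos >= len(buf):
            raise PacketError("packet(%d) too short: no length octet" % tag)
        b1 = buf[pos]
        if 224 <= b1 < 255:              # partial body lengths: never valid in a key
            raise PacketError("packet(%d): partial length not allowed" % tag)
        nbytes = 1 if b1 < 192 else 2 if b1 < 224 else 5
        if pos + nbytes > len(buf):
            raise PacketError("packet(%d) too short: truncated length" % tag)
        body_len = (b1 if nbytes == 1 else
                    ((b1 - 192) << 8) + buf[pos + 1] + 192 if nbytes == 2 else
                    int.from_bytes(buf[pos + 1:pos + 5], "big"))
    else:                                # old-format header
        tag = (ctb >> 2) & 0x0F
        if (ctb & 0x03) == 3:
            raise PacketError("packet(%d): indeterminate length not allowed" % tag)
        nbytes = 1 << (ctb & 0x03)       # 1, 2 or 4 length octets
        if pos + nbytes > len(buf):
            raise PacketError("packet(%d) too short: truncated length" % tag)
        body_len = int.from_bytes(buf[pos:pos + nbytes], "big")
    pos += nbytes
    if pos + body_len > len(buf):
        raise PacketError("packet(%d) too short: needs %d, only %d left" % (tag, body_len, len(buf) - pos))
    return tag, pos, body_len

def walk_packets(blob):
    """Return [(tag, body), ...] for the whole blob, or raise PacketError."""
    packets, off = [], 0
    while off < len(blob):
        tag, start, n = parse_header(blob, off)
        packets.append((tag, blob[start:start + n]))
        off = start + n
    return packets

# Constructed samples: a tag-6 public-key packet (12-byte body) plus user ID "test" (tag 13),
# and the same blob with the key packet's length octet overwritten, as byte fuzzing would.
GOOD_KEY = bytes.fromhex("980c 0450c06c00 01 0008a3 000203") + b"\xb4\x04test"
BAD_KEY = GOOD_KEY[:1] + b"\xff" + GOOD_KEY[2:]
```

Running walk_packets over BAD_KEY raises "packet(6) too short: needs 255, only 18 left", which is the class of error a keyring reader must surface before it writes the packet to pubring.gpg.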
Created attachment 3306: Attaching PoC from dropbox link
Fixed packages have been submitted to mga2 updates_testing (gnupg-1.4.12-1.1.mga2, gnupg2-2.0.18-1.1.mga2). I bumped to 1.4.13 yesterday (2013-01-01) and just submitted gnupg2-2.0.19-2.mga3 to cauldron. Tested using the PoC; all OK.
Proposed advisory:

Versions of GnuPG <= 1.4.12 are vulnerable to memory access violations and public keyring database corruption when importing public keys that have been manipulated. An OpenPGP key can be fuzzed in such a way that gpg segfaults (or has other memory access violations) when importing the key.

References:
https://bugs.g10code.com/gnupg/issue1455
https://bugzilla.redhat.com/show_bug.cgi?id=891142
Hardware: i586 => All
Assignee: bugsquad => qa-bugs
Testing partially complete mga2 32

gnupg2 needs a subrel bump, Oden.

Mageia release 2 (Official) for i586
------------------
Core Release
gnupg2-2.0.18-1.mga2
------------------
Core Updates
gnupg2-2.0.18-1.1.mga2
------------------
Core Updates Testing
gnupg2-2.0.18-1.1.mga2
------------------

With gnupg

Before
------
$ gpg --homedir=/tmp/gpg-box --list-key
gpg: packet(1) too short
gpg: keyring_get_keyblock: read error: invalid packet
gpg: keydb_get_keyblock failed: invalid keyring

$ gpg --homedir=/tmp/gpg-box --delete-key FC21FDDE
gpg (GnuPG) 1.4.12; Copyright (C) 2012 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: packet(1) too short
gpg: keyring_get_keyblock: read error: invalid packet
gpg: error reading keyblock: invalid keyring
gpg: FC21FDDE: delete key failed: invalid keyring

After
-----
$ gpg --homedir=/tmp/gpg-box --list-key
/tmp/gpg-box/pubring.gpg
------------------------
pub   4096s/FC21FDDE 2012-12-06
uid                  test

$ rm -rf /tmp/gpg-box

Repeated for gnupg2 using gpg2 instead of gpg, with different results

Before
------
$ gpg2 --homedir=/tmp/gpg-box --list-keys
gpg: keyring `/tmp/gpg-box/pubring.gpg' created
gpg: /tmp/gpg-box/trustdb.gpg: trustdb created

$ gpg2 --homedir=/tmp/gpg-box --import fuzz-1617.pkr
gpg: keyring `/tmp/gpg-box/secring.gpg' created
gpg: key FC21FDDE: no valid user IDs
gpg: this may be caused by a missing self-signature
gpg: Total number processed: 1
gpg:           w/o user IDs: 1

$ gpg2 --homedir=/tmp/gpg-box --list-key
$ gpg2 --homedir=/tmp/gpg-box --list-keys
$ gpg2 --homedir=/tmp/gpg-box --delete-key FC21FDDE
gpg (GnuPG) 2.0.18; Copyright (C) 2011 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: key "FC21FDDE" not found: Unknown system error
gpg: FC21FDDE: delete key failed: Unknown system error

Does gnupg2 need this patch?
Whiteboard: (none) => feedback
Whiteboard: feedback => has_procedure feedback
Notice the package release tag is the same in updates and updates_testing, so I'm guessing you didn't actually update gnupg2 before your after test for that. This happened because the previous person who updated this package put the subrel line in a less than ideal place and Oden didn't see it. I've fixed it and pushed gnupg2-2.0.18-1.2.mga2 to the build system.
CC: (none) => luigiwalser
For reference, here's Mandriva's advisory for this issue: http://www.mandriva.com/en/support/security/advisories/?dis=2011&name=MDVSA-2013:001
No 'After' test was yet performed for gnupg2, David. Please see again comment 4.
(In reply to comment #7)
> No 'After' test was yet performed for gnupg2, David. Please see again comment 4.

Indeed. Well, the subrel still needed to be fixed, so the After test can be performed once it hits the mirrors :o)

So, just to be clear, this update includes both the gnupg and gnupg2 SRPMS, as Oden noted in Comment 2.
It's still not clear whether gnupg2 actually requires this patch. Assuming I used it correctly :D, the initial test showed it refused to import the fuzzed pkr, so it may not be vulnerable, and the advisory also says 'Versions of GnuPG <= 1.4.12 are vulnerable to memory access violations', where gnupg2 is 2.0.18.
Found the solution: with gnupg2 it's necessary to use an extra option, --allow-non-selfsigned-uid.

Testing complete mga2 32

Confirming gnupg2 is vulnerable; could the advisory please reflect this.

Before
------
$ gpg2 --homedir=/tmp/gpg-box --allow-non-selfsigned-uid --import fuzz-1617.pkr
gpg: key FC21FDDE: accepted non self-signed user ID "test"
gpg: packet(1) too short
gpg: keyring_get_keyblock: read error: Invalid packet
gpg: keydb_get_keyblock failed: Invalid keyring
gpg: keydb_search failed: Invalid keyring
gpg: key FC21FDDE: public key "[User ID not found]" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

$ gpg2 --homedir=/tmp/gpg-box --list-key
gpg: packet(1) too short
gpg: keyring_get_keyblock: read error: Invalid packet
gpg: keydb_get_keyblock failed: Invalid keyring

$ gpg2 --homedir=/tmp/gpg-box --delete-key FC21FDDE
gpg (GnuPG) 2.0.18; Copyright (C) 2011 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

gpg: packet(1) too short
gpg: keyring_get_keyblock: read error: Invalid packet
gpg: error reading keyblock: Invalid keyring
gpg: FC21FDDE: delete key failed: Invalid keyring

After
-----
$ gpg2 --homedir=/tmp/gpg-box --allow-non-selfsigned-uid --import fuzz-1617.pkr
gpg: keyring `/tmp/gpg-box/secring.gpg' created
gpg: key FC21FDDE: accepted non self-signed user ID "test"
gpg: key FC21FDDE: public key "test" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

$ gpg2 --homedir=/tmp/gpg-box --list-key
/tmp/gpg-box/pubring.gpg
------------------------
pub   0s/FC21FDDE 2012-12-06
uid                  test

$ gpg2 --homedir=/tmp/gpg-box --delete-key FC21FDDE
gpg (GnuPG) 2.0.18; Copyright (C) 2011 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

pub  0s/FC21FDDE 2012-12-06 test

Delete this key from the keyring? (y/N) y
Whiteboard: has_procedure feedback => has_procedure mga2-32-OK
Oh, I really did misunderstand you. When you asked if gnupg2 needed the patch I thought you were saying it appeared it hadn't been patched. You were trying to say the Before test looked fine, so you wanted to confirm it needed to be updated. Sorry for the misunderstanding. Nice job finding the needed option.

Advisory:
========================

Updated gnupg and gnupg2 packages fix security vulnerability:

Versions of GnuPG <= 1.4.12 and GnuPG2 <= 2.0.19 are vulnerable to memory access violations and public keyring database corruption when importing public keys that have been manipulated. An OpenPGP key can be fuzzed in such a way that gpg segfaults (or has other memory access violations) when importing the key (CVE-2012-6085).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085
https://bugs.g10code.com/gnupg/issue1455
https://bugzilla.redhat.com/show_bug.cgi?id=891142
http://www.mandriva.com/en/support/security/advisories/?dis=2011&name=MDVSA-2013:001
========================

Updated packages in core/updates_testing:
========================
gnupg-1.4.12-1.1.mga2
gnupg2-2.0.18-1.2.mga2

from SRPMS:
gnupg-1.4.12-1.1.mga2.src.rpm
gnupg2-2.0.18-1.2.mga2.src.rpm
Testing complete on Mageia 2 x86-64.

Thanks for the detailed testing procedure, Claire. One note: after unzipping the attachment, run "> gpg-box/pubring.gpg" to erase the existing bad key before testing.

Could someone from the sysadmin team push the srpms
gnupg-1.4.12-1.1.mga2.src.rpm
gnupg2-2.0.18-1.2.mga2.src.rpm
from Mageia 2 Core Updates Testing to Core Updates.

Advisory:

Updated gnupg and gnupg2 packages fix security vulnerability:

Versions of GnuPG <= 1.4.12 and GnuPG2 <= 2.0.19 are vulnerable to memory access violations and public keyring database corruption when importing public keys that have been manipulated. An OpenPGP key can be fuzzed in such a way that gpg segfaults (or has other memory access violations) when importing the key (CVE-2012-6085).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085
https://bugs.g10code.com/gnupg/issue1455
https://bugzilla.redhat.com/show_bug.cgi?id=891142
http://www.mandriva.com/en/support/security/advisories/?dis=2011&name=MDVSA-2013:001
https://bugs.mageia.org/show_bug.cgi?id=8572
Keywords: (none) => validated_update
CC: (none) => davidwhodgins, sysadmin-bugs
Whiteboard: has_procedure mga2-32-OK => has_procedure mga2-32-OK MGA2-64-OK
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085 => http://lwn.net/Vulnerabilities/531204/
Patches added to Mageia 1 SVN.
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0003
Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED