git-annex GPG decryption attack via compromised remote
A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's GPG key. This attack could be used to expose encrypted data that was never stored in git-annex. Daniel Dent discovered this attack in collaboration with Joey Hess.
To perform this attack the attacker needs control of a server hosting an encrypted special remote used by the victim's git-annex repository. The attacker uses `git annex addurl --relaxed` with an innocuous URL (which creates a URL key carrying no content hash), and waits for the user's git-annex to download it and upload an (encrypted) copy to the special remote they also control. At some later point, when the user downloads the content from the special remote, the attacker instead sends them the content of the GPG-encrypted file that they wish to have decrypted in its place (which may have been exfiltrated from the victim's system via the attack described in HSEC-2023-0010 / CVE-2018-10857, or acquired by other means). Because the URL key has no hash, the victim's git-annex accepts the decrypted file as the content of the innocuous URL. Finally, the attacker drops their own copy of the content of the original innocuous URL, and waits for the victim's git-annex to send them the accidentally decrypted file.
The issue was fixed by making git-annex refuse to download encrypted content from special remotes unless it knows the hash of the expected content (which a URL key created with `--relaxed` does not carry). When the attacker provides some other GPG-encrypted content for a key that does have a hash, it fails the hash check and is discarded.
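The attack sequence and the fix, as an added model in Python (not git-annex's own Haskell code, and not the fix as committed). GPG is replaced by a toy keystream cipher so the script runs offline, the special remote is an in-memory dictionary the attacker can overwrite, and the key names, `HostileSpecialRemote`, `AnnexClient` and `run_attack` are illustrative stand-ins for git-annex's real key backends and remote protocol:

```python
"""Model of CVE-2018-10859: substituted ciphertext on an encrypted special
remote is accepted when the key carries no hash. Added example; all names
below are constructed stand-ins, not git-annex's real implementation."""
import hashlib
from dataclasses import dataclass
from typing import Optional

# Constructed sample data for the scenario.
VICTIM_GPG_SECRET = b"victim-private-key"          # stand-in for the victim's GPG key
INNOCUOUS_CONTENT = b"innocuous file fetched from the URL"
SECRET_FILE = b"diary.txt, encrypted to the victim's key, never stored in git-annex"


def toy_cipher(secret_key: bytes, data: bytes) -> bytes:
    """Stand-in for GPG: XOR with a SHA-256 keystream. Symmetric, so the same
    call encrypts and decrypts. Not real cryptography; assumption for the model."""
    stream = b""
    block = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(secret_key + block.to_bytes(8, "big")).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


@dataclass(frozen=True)
class AnnexKey:
    """A git-annex key. Checksum-backed keys (SHA256E) record the content hash;
    URL keys made by `git annex addurl --relaxed` record none."""
    name: str
    sha256: Optional[str]

    @staticmethod
    def from_content(data: bytes) -> "AnnexKey":
        digest = hashlib.sha256(data).hexdigest()
        return AnnexKey(f"SHA256E-s{len(data)}--{digest}", digest)

    @staticmethod
    def relaxed_url(url: str) -> "AnnexKey":
        return AnnexKey(f"URL--{url}", None)


class HostileSpecialRemote:
    """Encrypted special remote whose storage the attacker controls: it keeps
    whatever ciphertext the client uploads, but the attacker may overwrite it."""
    def __init__(self) -> None:
        self.store: dict = {}

    def put(self, key: AnnexKey, ciphertext: bytes) -> None:
        self.store[key.name] = ciphertext

    def get(self, key: AnnexKey) -> bytes:
        return self.store[key.name]

    def attacker_substitute(self, key: AnnexKey, ciphertext: bytes) -> None:
        self.store[key.name] = ciphertext


class VerificationError(Exception):
    pass


class AnnexClient:
    def __init__(self, gpg_secret: bytes, fixed: bool) -> None:
        self.gpg_secret = gpg_secret
        self.fixed = fixed  # True models git-annex >= 6.20180626

    def upload(self, remote: HostileSpecialRemote, key: AnnexKey, plaintext: bytes) -> None:
        remote.put(key, toy_cipher(self.gpg_secret, plaintext))

    def download(self, remote: HostileSpecialRemote, key: AnnexKey) -> bytes:
        # The fix: no verifiable hash, no download from an encrypted remote.
        if self.fixed and key.sha256 is None:
            raise VerificationError("key has no hash; refusing encrypted download")
        plaintext = toy_cipher(self.gpg_secret, remote.get(key))
        # Hash check, which only protects keys that actually carry a hash.
        if key.sha256 is not None and hashlib.sha256(plaintext).hexdigest() != key.sha256:
            raise VerificationError("hash mismatch; content discarded")
        return plaintext


def run_attack(fixed: bool) -> Optional[bytes]:
    """Returns the plaintext the victim's client accepts as the URL key's content
    (what would then be transferred back to the attacker), or None if refused."""
    remote = HostileSpecialRemote()
    victim = AnnexClient(VICTIM_GPG_SECRET, fixed)
    # 1. attacker registers an innocuous URL with addurl --relaxed; victim fetches and uploads it
    url_key = AnnexKey.relaxed_url("http://example.com/innocuous.txt")
    victim.upload(remote, url_key, INNOCUOUS_CONTENT)
    # 2. attacker swaps in a file that was encrypted to the victim's key
    remote.attacker_substitute(url_key, toy_cipher(VICTIM_GPG_SECRET, SECRET_FILE))
    # 3. victim downloads; on the vulnerable client the decrypted secret is accepted
    try:
        return victim.download(remote, url_key)
    except VerificationError:
        return None


def hashed_key_substitution_is_caught() -> bool:
    """Even the vulnerable client discards a substitution on a key with a hash."""
    remote = HostileSpecialRemote()
    victim = AnnexClient(VICTIM_GPG_SECRET, fixed=False)
    key = AnnexKey.from_content(INNOCUOUS_CONTENT)
    victim.upload(remote, key, INNOCUOUS_CONTENT)
    remote.attacker_substitute(key, toy_cipher(VICTIM_GPG_SECRET, SECRET_FILE))
    try:
        victim.download(remote, key)
    except VerificationError:
        return True
    return False
```

Running `run_attack(fixed=False)` yields `SECRET_FILE` unchanged, while `run_attack(fixed=True)` refuses before decrypting; `hashed_key_substitution_is_caught()` shows why the fix targets hashless keys specifically.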
Info
- Published: July 25, 2023
- Modified: July 25, 2023
- CAPECs: none
- CWEs: CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor)
- Keywords: exfiltration, pgp, historical
- Aliases: CVE-2018-10859
- Related: HSEC-2023-0010, CVE-2018-10857
- References: [ADVISORY] https://git-annex.branchable.com/security/CVE-2018-10857_and_CVE-2018-10859/
Affected
git-annex
- CVSS: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N (base score 5.9, Medium)
- Versions: >=0.20110417 && <6.20180626
- Declarations: none