oss-sec mailing list archives

CVE Request: Openpgp.js Critical vulnerability in S2K

From: Gijs Hollestelle <g.hollestelle () gmail com>
Date: Tue, 13 Oct 2015 20:21:54 +0200

Hi,

A vulnerability in the S2K function of OpenPGP.js allows to produce a
predictable session key without knowing the passphrase.

An attacker is able to create a private PGP key that will decrypt in
OpenPGP.js regardless of the passphrase given.

Also using this flaw it is possible to forge a symmetrically encrypted PGP
message (Symmetric-Key Encrypted Session Key Packets (Tag 3)) that
will decrypt with any passphrase in OpenPGP.js. This can be an attack
vector if successful decryption of such a message is used as an
authentication mechanism.

The bug is fixed with a strict check on unknown S2K types.

Info:
https://www.mail-archive.com/list () openpgpjs org/msg00918.html

Fixed by:
https://github.com/openpgpjs/openpgpjs/commit/668a9bbe7033f3f475576209305eb57a54306d29

Fixen in:
OpenPGP.js v1.3.0

Could a CVE please be assigned to this issue?

Regards,
  Gijs

Current thread:

CVE Request: Openpgp.js Critical vulnerability in S2K Gijs Hollestelle (Oct 13)
- Re: CVE Request: Openpgp.js Critical vulnerability in S2K cve-assign (Oct 30)