- Reported
-
- Issued
-
- Package
-
sequoia-git
(crates.io)
- Type
-
Vulnerability
- References
-
- CVSS Score
- 1.8
LOW
- CVSS Details
-
- Attack Complexity
- High
- Attack Requirements
- Present
- Attack Vector
- Network
- Privileges Required
- High
- Availability Impact to the Subsequent System
- None
- Confidentiality Impact to the Subsequent System
- None
- Integrity Impact to the Subsequent System
- None
- User Interaction
- Active
- Availability Impact to the Vulnerable System
- None
- Confidentiality Impact to the Vulnerable System
- None
- Integrity Impact to the Vulnerable System
- Low
- CVSS Vector
- CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
- Patched
-
Description
Before sq-git checks if a commit can be authenticated, it first
looks for hard revocations. Because parsing a policy is expensive
and a project's policy rarely changes, sq-git has an
optimization to only check a policy if it hasn't checked it
before. It does this by maintaining a set of policies that it had
already seen keyed on the policy's hash. Unfortunately, due to a
bug the hash was truncated to be 0 bytes and thus only hard
revocations in the target commit were considered. Normally this
is not a problem as hard revocations are not removed from the
signing policy.
An attacker could nevertheless exploit this flaw as follows.
Consider Alice and Bob who maintain a project together. If Bob's
certificate is compromised and Bob issues a hard revocation, Alice
can add it to the project's signing policy. An attacker who has
access to Bob's key can then create a merge request that strips
the hard revocation. If Alice merges Bob's merge request, then
the latest commit will not carry the hard revocation, and sq-git
will not see the hard revocation when authenticating that commit or
any following commits.
Note: for this attack to be successful, Alice needs to be tricked
into merging the malicious MR. If Alice is reviewing MRs, then
she is likely to notice changes to the signing policy.
Reported-by: Hassan Sheet
Advisory available under CC0-1.0
license.