From: Shawn Webb <shawn.webb@hardenedbsd.org>
To: freebsd-security@freebsd.org
Cc: FreeBSD Security Advisories
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-23:01.geli
Date: Wed, 8 Feb 2023 14:41:55 -0500
Message-ID: <20230208194155.hs5fkfdqcfmd72ld@mutt-hbsd>
References: <20230208190833.1DF6F8824@freefall.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-security
In-Reply-To: <20230208190833.1DF6F8824@freefall.freebsd.org>

On Wed, Feb 08, 2023 at 07:08:33PM +0000, FreeBSD Security Advisories wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> 
> =============================================================================
> FreeBSD-SA-23:01.geli                                         Security Advisory
>                                                           The FreeBSD Project
> 
> Topic:          GELI silently omits the keyfile if read from stdin
> 
> Category:       core
> Module:         geli
> Announced:      2023-02-08
> Credits:        Nathan Dorfman
> Affects:        All supported versions of FreeBSD.
> Corrected:      2023-02-08 18:03:19 UTC (stable/13, 13.1-STABLE)
>                 2023-02-08 18:06:31 UTC (releng/13.1, 13.1-RELEASE-p6)
>                 2023-02-08 18:05:45 UTC (stable/12, 12.4-STABLE)
>                 2023-02-08 18:30:27 UTC (releng/12.4, 12.4-RELEASE-p1)
>                 2023-02-08 18:28:31 UTC (releng/12.3, 12.3-RELEASE-p11)
> CVE Name:       CVE-2023-0751
> 
> For general information regarding FreeBSD Security Advisories,
> including descriptions of the fields above, security branches, and the
> following sections, please visit .
> 
> I.   Background
> 
> GELI is a block device-layer disk encryption utility. It uses a random
> master key to perform symmetric cryptography on sectors. The master key is
> encrypted using a user key, which might consist of up to two components: a
> user passphrase and a key file. The key file might be read from a file or
> standard input. GELI also allows initialization of multiple devices with
> a single command.
> 
> II.  Problem Description
> 
> When GELI reads a key file from standard input, it doesn't store it
> anywhere. If the user tries to initialize multiple providers at once, for
> the second and subsequent devices the standard input stream will be already
> empty. In this case, GELI silently uses a NULL key as the user key file. If
> the user used only a key file without a user passphrase, the master key was
> encrypted with an empty key file. This might not be noticed if the devices
> were also decrypted in a batch operation.
> 
> III. Impact
> 
> Some GELI providers might be silently encrypted with a NULL key file.

bsdinstall has a nifty option for using geli to encrypt your ZFS root
pool (usually named zroot). Are ZFS pools created by bsdinstall
impacted?

Thanks,

-- 
Shawn Webb
Cofounder / Security Engineer
HardenedBSD

https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
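Added illustration, not part of this thread or of FreeBSD's geli(8) code: a constructed POSIX shell simulation of the batch-initialization failure the advisory describes, with the buggy re-read-stdin pattern beside a read-once, refuse-empty variant. The function `read_keyfile_from_stdin` and the provider names `da0`/`da1` are stand-ins chosen for the example.

```shell
#!/bin/sh
# Constructed stand-in for a tool that consumes its key file from standard
# input once (the "-K -" style usage the advisory describes). Not FreeBSD code.
# Simplification: $(...) strips trailing newlines; real key files are binary.
read_keyfile_from_stdin() {
    cat
}

# Buggy batch pattern: every provider re-reads stdin, so the second and
# later providers hit EOF and get an empty (NULL) key file without any error.
# Prints "<provider>:<key length>" per provider so the loss is visible.
batch_init_buggy() {
    for dev in "$@"; do
        key=$(read_keyfile_from_stdin)
        printf '%s:%d\n' "$dev" "${#key}"
    done
}

# Hardened batch pattern: read the key file exactly once, refuse to go on if
# it is empty, then reuse the same key material for every provider.
batch_init_fixed() {
    key=$(read_keyfile_from_stdin)
    if [ -z "$key" ]; then
        echo "empty key file on stdin, refusing to initialize" >&2
        return 1
    fi
    for dev in "$@"; do
        printf '%s:%d\n' "$dev" "${#key}"
    done
}
```

Piping one key into `batch_init_buggy da0 da1` reports a zero-length key for `da1`, which is exactly the silent condition the advisory warns about; the fixed variant either uses the same key for both or stops.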