Date: Wed, 8 Feb 2023 14:41:55 -0500
From: Shawn Webb <shawn.webb@hardenedbsd.org>
To: freebsd-security@freebsd.org
Cc: FreeBSD Security Advisories <security-advisories@freebsd.org>
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-23:01.geli
Message-ID: <20230208194155.hs5fkfdqcfmd72ld@mutt-hbsd>
In-Reply-To: <20230208190833.1DF6F8824@freefall.freebsd.org>
References: <20230208190833.1DF6F8824@freefall.freebsd.org>
On Wed, Feb 08, 2023 at 07:08:33PM +0000, FreeBSD Security Advisories wrote:
> =============================================================================
> FreeBSD-SA-23:01.geli                                       Security Advisory
>                                                           The FreeBSD Project
> 
> Topic:          GELI silently omits the keyfile if read from stdin
> 
> Category:       core
> Module:         geli
> Announced:      2023-02-08
> Credits:        Nathan Dorfman <ndorf@rtfm.net>
> Affects:        All supported versions of FreeBSD.
> Corrected:      2023-02-08 18:03:19 UTC (stable/13, 13.1-STABLE)
>                 2023-02-08 18:06:31 UTC (releng/13.1, 13.1-RELEASE-p6)
>                 2023-02-08 18:05:45 UTC (stable/12, 12.4-STABLE)
>                 2023-02-08 18:30:27 UTC (releng/12.4, 12.4-RELEASE-p1)
>                 2023-02-08 18:28:31 UTC (releng/12.3, 12.3-RELEASE-p11)
> CVE Name:       CVE-2023-0751
> 
> For general information regarding FreeBSD Security Advisories,
> including descriptions of the fields above, security branches, and the
> following sections, please visit <URL:https://security.FreeBSD.org/>.
> 
> I. Background
> 
> GELI is a block device-layer disk encryption utility. It uses a random
> master key to perform symmetric cryptography on sectors. The master key is
> encrypted using a user key, which might consist of up to two components: a
> user passphrase and a key file. The key file might be read from a file or
> from standard input. GELI also allows initialization of multiple devices
> with a single command.
> 
> II. Problem Description
> 
> When GELI reads a key file from standard input, it doesn't store it
> anywhere. If the user tries to initialize multiple providers at once, for
> the second and subsequent devices the standard input stream will already
> be empty. In this case, GELI silently uses a NULL key as the user key file.
> If the user used only a key file without a user passphrase, the master key
> was encrypted with an empty key file. This might not be noticed if the
> devices were also decrypted in a batch operation.
> 
> III. Impact
> 
> Some GELI providers might be silently encrypted with a NULL key file.

bsdinstall has a nifty option for using geli to encrypt your ZFS root pool
(usually named zroot). Are ZFS pools created by bsdinstall impacted?

Thanks,

-- 
Shawn Webb
Cofounder / Security Engineer
HardenedBSD

https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
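The stdin-exhaustion failure the quoted advisory describes, modelled as an added POSIX sh example. This is not geli(8) code and not from the FreeBSD project: it is a small model of a tool that reads a key file from standard input while initialising several providers in one invocation. `vuln_init` reads stdin once per provider, so the second and later providers get an empty key; `fixed_init` reads stdin exactly once, refuses an empty key, and reuses the same material for every provider. The function names and the provider names `da0`/`da1` are illustrative, and the key material is a constructed sample.

```shell
#!/bin/sh
# Added example: model of the "key file read from stdin, several providers
# in one command" failure mode. Not geli(8); names are illustrative.

# Vulnerable pattern: the key material is read from stdin once per
# provider. After the first read drains the pipe, every later read
# returns nothing, so provider 2..N is "keyed" with an empty value.
vuln_init() {
    # $@ : provider names, stdin : key material
    for prov in "$@"; do
        key=$(cat)                      # second and later calls return ""
        printf '%s=%s\n' "$prov" "$key" # prints da1= with no key at all
    done
}

# Hardened pattern: read stdin exactly once, fail closed if it is empty,
# and apply the same key material to every provider in the batch.
fixed_init() {
    key=$(cat)
    if [ -z "$key" ]; then
        echo "error: empty key read from stdin, refusing to initialise" >&2
        return 1
    fi
    for prov in "$@"; do
        printf '%s=%s\n' "$prov" "$key"
    done
}

# Stand-alone demonstration with a constructed sample key.
printf 'example-key' | vuln_init da0 da1
printf 'example-key' | fixed_init da0 da1
```

The first command prints `da1=` with no key, which is the silent outcome the advisory warns about; the second prints the same key for both providers and exits non-zero if stdin is empty. The practical caveat follows from the advisory text: a batch decrypt of providers initialised this way would not reveal the problem, so providers from a multi-device initialisation with a stdin key file on an unpatched system should be checked one at a time rather than in another batch.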
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20230208194155.hs5fkfdqcfmd72ld>