| author | Yogita Urade <yogita.urade@windriver.com> | 2025-04-28 12:52:48 +0000 |
|---|---|---|
| committer | Armin Kuster <akuster808@gmail.com> | 2025-05-17 12:20:48 -0600 |
| commit | 56bca048316237ae872cbaffe54be02656d5ebba (patch) | |
| tree | e7625087412d9e3996945b5f3638c7780b100e9c | |
| parent | a0b54655b573eb627ba4cb7453ce8f856e4cbe33 (diff) | |
| download | meta-openembedded-56bca048316237ae872cbaffe54be02656d5ebba.tar.gz | |
poppler: fix CVE-2025-43903
NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify
the adbe.pkcs7.sha1 signatures on documents, resulting in potential
signature forgeries.
CVE-2025-43903-0001 is the dependent commit and
CVE-2025-43903-0002 is the actual CVE fix.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-43903
Upstream patches:
https://gitlab.freedesktop.org/poppler/poppler/-/commit/33672ca1b6670f7378e24f6d475438f7f5d86b05
https://gitlab.freedesktop.org/poppler/poppler/-/commit/f1b9c830f145a0042e853d6462b2f9ca4016c669
Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
3 files changed, 126 insertions, 0 deletions
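--- /dev/null
+++ b/meta-oe/recipes-support/poppler/poppler/CVE-2025-43903-0001.patch
@@ -0,0 +1,75 @@
+From 33672ca1b6670f7378e24f6d475438f7f5d86b05 Mon Sep 17 00:00:00 2001
+From: Sune Vuorela <sune@vuorela.dk>
+Date: Mon, 22 May 2023 19:53:08 +0000
+Subject: [PATCH] Fix crash with weird hashing used for signatures
+
+CVE: CVE-2025-43903
+Upstream-Status: Backport [https://gitlab.freedesktop.org/poppler/poppler/-/commit/33672ca1b6670f7378e24f6d475438f7f5d86b05]
+
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+poppler/SignatureHandler.cc | 15 ++++++++++++---
+poppler/SignatureHandler.h | 7 ++++++-
+2 files changed, 18 insertions(+), 4 deletions(-)
+
+diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc
+index 9916300..f0b7006 100644
+--- a/poppler/SignatureHandler.cc
++++ b/poppler/SignatureHandler.cc
+@@ -768,11 +768,11 @@ SignatureVerificationHandler::SignatureVerificationHandler(std::vector<unsigned
+SECItem usedAlgorithm = NSS_CMSSignedData_GetDigestAlgs(CMSSignedData)[0]->algorithm;
+auto hashAlgorithm = SECOID_FindOIDTag(&usedAlgorithm);
+HASH_HashType hashType = HASH_GetHashTypeByOidTag(hashAlgorithm);
+- hashContext = std::make_unique<HashContext>(ConvertHashTypeFromNss(hashType));
++ hashContext = HashContext::create(ConvertHashTypeFromNss(hashType));
+}
+}
+
+-SignatureSignHandler::SignatureSignHandler(const std::string &certNickname, HashAlgorithm digestAlgTag) : hashContext(std::make_unique<HashContext>(digestAlgTag)), signing_cert(nullptr)
++SignatureSignHandler::SignatureSignHandler(const std::string &certNickname, HashAlgorithm digestAlgTag) : hashContext(HashContext::create(digestAlgTag)), signing_cert(nullptr)
+{
+SignatureHandler::setNSSDir({});
+signing_cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), certNickname.c_str());
+@@ -1232,7 +1232,16 @@ std::vector<unsigned char> HashContext::endHash()
+return digestBuffer;
+}
+
+-HashContext::HashContext(HashAlgorithm algorithm) : hash_context { HASH_Create(HASH_GetHashTypeByOidTag(ConvertHashAlgorithmToNss(algorithm))) }, digest_alg_tag(algorithm) { }
++HashContext::HashContext(HashAlgorithm algorithm, private_tag) : hash_context { HASH_Create(HASH_GetHashTypeByOidTag(ConvertHashAlgorithmToNss(algorithm))) }, digest_alg_tag(algorithm) { }
++
++std::unique_ptr<HashContext> HashContext::create(HashAlgorithm algorithm)
++{
++ auto ctx = std::make_unique<HashContext>(algorithm, private_tag {});
++ if (ctx->hash_context) {
++ return ctx;
++ }
++ return {};
++}
+
+HashAlgorithm HashContext::getHashAlgorithm() const
+{
+diff --git a/poppler/SignatureHandler.h b/poppler/SignatureHandler.h
+index c9fb575..f1b319f 100644
+--- a/poppler/SignatureHandler.h
++++ b/poppler/SignatureHandler.h
+@@ -51,12 +51,17 @@ static const int maxSupportedSignatureSize = 10000;
+
+class HashContext
+{
++ class private_tag
++ {
++ };
++
+public:
+- explicit HashContext(HashAlgorithm algorithm);
++ HashContext(HashAlgorithm algorithm, private_tag);
+void updateHash(unsigned char *data_block, int data_len);
+std::vector<unsigned char> endHash();
+HashAlgorithm getHashAlgorithm() const;
+~HashContext() = default;
++ static std::unique_ptr<HashContext> create(HashAlgorithm algorithm);
+
+private:
+struct HashDestroyer
+--
+2.40.0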
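Review bot: `HashContext::create()` (patch lines 40-47) returns an empty unique_ptr whenever HASH_Create() produced a null context, but the two updated call sites at lines 24 and 29 store the result into `hashContext` without checking it, and the new declaration at line 70 does not document the null return; whether the surrounding code guards the later dereferences cannot be seen from this patch. A comment on the declaration would make the contract explicit for callers: `// Returns nullptr when NSS cannot create a hash context for this algorithm; callers must check before use.`. Both constructors and the rest of HashContext lie outside the hunks shown.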
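--- /dev/null
+++ b/meta-oe/recipes-support/poppler/poppler/CVE-2025-43903-0002.patch
@@ -0,0 +1,49 @@
+From f1b9c830f145a0042e853d6462b2f9ca4016c669 Mon Sep 17 00:00:00 2001
+From: Juraj sarinay <juraj@sarinay.com>
+Date: Thu, 6 Mar 2025 02:02:56 +0100
+Subject: [PATCH] Properly verify adbe.pkcs7.sha1 signatures.
+
+For signatures with non-empty encapsulated content
+(typically adbe.pkcs7.sha1), we only compared hash values and
+never actually checked SignatureValue within SignerInfo.
+The bug introduced by c7c0207b1cfe49a4353d6cda93dbebef4508138f
+made trivial signature forgeries possible. Fix this by calling
+NSS_CMSSignerInfo_Verify() after the hash values compare equal.
+
+CVE: CVE-2025-43903
+Upstream-Status: Backport [https://gitlab.freedesktop.org/poppler/poppler/-/commit/f1b9c830f145a0042e853d6462b2f9ca4016c669]
+
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+poppler/SignatureHandler.cc | 11 +++++++++--
+1 file changed, 9 insertions(+), 2 deletions(-)
+
+diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc
+index 9916300..5c478bc 100644
+--- a/poppler/SignatureHandler.cc
++++ b/poppler/SignatureHandler.cc
+@@ -934,13 +934,20 @@ SignatureValidationStatus SignatureVerificationHandler::validateSignature()
+This means it's not a detached type signature
+so the digest is contained in SignedData->contentInfo
+*/
+- if (digest.len == content_info_data->len && memcmp(digest.data, content_info_data->data, digest.len) == 0) {
++ if (digest.len != content_info_data->len || memcmp(digest.data, content_info_data->data, digest.len) != 0) {
+return SIGNATURE_VALID;
+} else {
+return SIGNATURE_DIGEST_MISMATCH;
+}
+
+- } else if (NSS_CMSSignerInfo_Verify(CMSSignerInfo, &digest, nullptr) != SECSuccess) {
++ auto innerHashContext = HashContext::create(hashContext->getHashAlgorithm());
++ innerHashContext->updateHash(content_info_data->data, content_info_data->len);
++ digest_buffer = innerHashContext->endHash();
++ digest.data = digest_buffer.data();
++ digest.len = digest_buffer.size();
++ }
++
++ if (NSS_CMSSignerInfo_Verify(CMSSignerInfo, &digest, nullptr) != SECSuccess) {
+return NSS_SigTranslate(CMSSignerInfo->verificationStatus);
+} else {
+return SIGNATURE_VALID;
+--
+2.40.0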
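Review bot: The backported hunk inverts the condition on patch line 30 but leaves `return SIGNATURE_VALID;` / `} else {` / `return SIGNATURE_DIGEST_MISMATCH;` / `}` (lines 31-34) as unchanged context, and the 9-insertion/2-deletion count confirms those four lines are not rewritten; if that reading is right, a non-matching digest now returns SIGNATURE_VALID, a matching digest returns SIGNATURE_DIGEST_MISMATCH, and the added lines 37-41 together with the NSS_CMSSignerInfo_Verify() call on line 44 are unreachable on this path, which is the opposite of what the patch description states. The mismatch branch should collapse to `return SIGNATURE_DIGEST_MISMATCH;` followed by `}` with no else, so that the equal case falls through to the inner hash and the signer verification. Separately, `HashContext::create()` can return an empty unique_ptr (see the 0001 patch) and line 38 dereferences `innerHashContext` without a check; a guard such as `if (!innerHashContext) return SIGNATURE_GENERIC_ERROR;` would keep the crash fix consistent. validateSignature() begins and ends outside the hunk.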
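--- a/meta-oe/recipes-support/poppler/poppler_23.04.0.bb
+++ b/meta-oe/recipes-support/poppler/poppler_23.04.0.bb
@@ -14,6 +14,8 @@ SRC_URI = "http://poppler.freedesktop.org/${BP}.tar.xz \
 file://CVE-2024-56378.patch \
 file://CVE-2025-32364.patch \
 file://CVE-2025-32365.patch \
+file://CVE-2025-43903-0001.patch \
+file://CVE-2025-43903-0002.patch \
 "
 SRC_URI[sha256sum] = "b6d893dc7dcd4138b9e9df59a13c59695e50e80dc5c2cacee0674670693951a1"
 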
