Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI0cjgtZm05ci1jcGoy
Low severity vulnerability that affects com.linecorp.armeria:armeria
Multiple timing attack vulnerabilities leading to the recovery of secrets based on the use of non-constant time compare function
Impact
String comparison method in multiple authentication validation in Armeria were known to be vulnerable to timing attacks. This vulnerability is caused by the insecure implementation of equals
method from java.lang.String
. While this attack is not practically possible, an attacker still has a potential to attack if the victim's server validates user by using equals
method.
We would like to thank @chrsow for pointing out the issue.
Potentially vulnerable codes
https://github.com/line/armeria/blob/f0d870fde1088114070be31b67f7df0a21e835c6/core/src/main/java/com/linecorp/armeria/server/auth/OAuth2Token.java#L54
https://github.com/line/armeria/blob/f0d870fde1088114070be31b67f7df0a21e835c6/core/src/main/java/com/linecorp/armeria/server/auth/BasicToken.java#L64
Patches
There are two options to patch this issue.
-
Remove
equals
method; it has been exclusively used for test cases and was never used in any OSS projects that are using Armeria. (But it is worth noting that there are possibilities of closed projects authenticating users by utilizingequals
method) -
Use
MessageDigest.isEqual
to compare the credential instead.
Workarounds
- Update to the latest version (TBD)
2-1. Users can prevent these vulnerabilities by modifying and implementing timing attack preventions by themselves.
2-2. Precisely speaking, it is possible to compare credentials by securely comparing them after calling methods to directly return the input (namely Object. accessToken()
, Object.username()
and Object.password()
).
References
- https://cwe.mitre.org/data/definitions/208.html
- https://security.stackexchange.com/questions/111040/should-i-worry-about-remote-timing-attacks-on-string-comparison
Side Note
Since it is a theoretical attack, there is no PoC available from neither the vendor nor the security team.
Permalink: https://github.com/advisories/GHSA-24r8-fm9r-cpj2JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTI0cjgtZm05ci1jcGoy
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Low
Classification: General
Published: over 4 years ago
Updated: over 1 year ago
CVSS Score: 4.8
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Identifiers: GHSA-24r8-fm9r-cpj2, CVE-2019-16771
References:
- https://github.com/line/armeria/security/advisories/GHSA-24r8-fm9r-cpj2
- https://nvd.nist.gov/vuln/detail/CVE-2019-16771
- https://github.com/advisories/GHSA-24r8-fm9r-cpj2
- https://github.com/line/armeria/security/advisories/GHSA-35fr-h7jr-hh86
- https://github.com/line/armeria/commit/b597f7a865a527a84ee3d6937075cfbb4470ed20
Blast Radius: 11.5
Affected Packages
maven:com.linecorp.armeria:armeria
Dependent packages: 160Dependent repositories: 253
Downloads:
Affected Version Ranges: < 0.97.0
Fixed in: 0.97.0
All affected versions: 0.32.0, 0.33.0, 0.33.1, 0.34.0, 0.34.1, 0.35.0, 0.35.1, 0.35.2, 0.36.0, 0.37.0, 0.38.0, 0.39.0, 0.40.0, 0.41.0, 0.42.0, 0.43.0, 0.44.0, 0.45.0, 0.46.0, 0.46.1, 0.46.2, 0.46.3, 0.46.4, 0.47.0, 0.48.0, 0.49.0, 0.50.0, 0.51.0, 0.52.0, 0.52.1, 0.53.0, 0.53.1, 0.53.2, 0.54.0, 0.54.1, 0.54.2, 0.55.0, 0.55.1, 0.56.0, 0.56.1, 0.57.0, 0.58.0, 0.58.1, 0.59.0, 0.59.1, 0.59.2, 0.60.0, 0.61.0, 0.62.0, 0.63.0, 0.63.1, 0.64.0, 0.65.0, 0.65.1, 0.66.0, 0.67.0, 0.67.1, 0.67.2, 0.68.0, 0.68.1, 0.68.2, 0.69.0, 0.70.0, 0.70.1, 0.71.0, 0.71.1, 0.72.0, 0.73.0, 0.74.0, 0.74.1, 0.75.0, 0.76.0, 0.76.1, 0.76.2, 0.77.0, 0.78.0, 0.78.1, 0.78.2, 0.79.0, 0.80.0, 0.81.0, 0.81.1, 0.82.0, 0.83.0, 0.84.0, 0.85.0, 0.86.0, 0.87.0, 0.88.0, 0.89.0, 0.89.1, 0.90.0, 0.90.1, 0.90.2, 0.90.3, 0.91.0, 0.92.0, 0.93.0, 0.94.0, 0.95.0, 0.96.0
All unaffected versions: 0.97.0, 0.98.0, 0.98.1, 0.98.2, 0.98.3, 0.98.4, 0.98.5, 0.98.6, 0.98.7, 0.99.0, 0.99.1, 0.99.2, 0.99.3, 0.99.4, 0.99.5, 0.99.6, 0.99.7, 0.99.8, 0.99.9, 1.0.0, 1.1.0, 1.2.0, 1.3.0, 1.4.0, 1.5.0, 1.6.0, 1.7.0, 1.7.1, 1.7.2, 1.8.0, 1.9.0, 1.9.1, 1.9.2, 1.10.0, 1.11.0, 1.12.0, 1.13.0, 1.13.1, 1.13.2, 1.13.3, 1.13.4, 1.14.0, 1.14.1, 1.15.0, 1.16.0, 1.16.1, 1.16.2, 1.16.3, 1.17.0, 1.17.1, 1.17.2, 1.18.0, 1.19.0, 1.20.0, 1.20.1, 1.20.2, 1.20.3, 1.21.0, 1.22.0, 1.22.1, 1.23.0, 1.23.1, 1.24.0, 1.24.1, 1.24.2, 1.24.3, 1.25.0, 1.25.1, 1.25.2, 1.26.0, 1.26.1, 1.26.2, 1.26.3, 1.26.4, 1.27.0, 1.27.1, 1.27.2, 1.27.3, 1.28.0, 1.28.1