Bug 1563930 (CVE-2018-9234) - CVE-2018-9234 GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys
Summary: CVE-2018-9234 GnuPG: Unenforced configuration allows for apparently valid cer...
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2018-9234
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1563931 1563932 1563933 1563934 1564367 1564368
Blocks: 1563936
TreeView+ depends on / blocked
 
Reported: 2018-04-05 05:19 UTC by Sam Fowler
Modified: 2020-12-17 10:36 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-07-31 06:58:14 UTC
Embargoed:


Attachments (Terms of Use)

Description Sam Fowler 2018-04-05 05:19:32 UTC
GnuPG through version 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey.


Upstream Issue:

https://dev.gnupg.org/T3844


Upstream Patch:

https://dev.gnupg.org/rGa17d2d1f690ebe5d005b4589a5fe378b6487c657

Comment 1 Sam Fowler 2018-04-05 05:19:55 UTC
Created gnupg2 tracking bugs for this issue:

Affects: fedora-all [bug 1563931]


Created gnupg tracking bugs for this issue:

Affects: fedora-all [bug 1563932]

Comment 3 Huzaifa S. Sidhpurwala 2018-04-06 04:03:20 UTC
Analysis:

Normally master keys are more protected than signing or encryption subkeys. Since master key can actually be used to prove someone's identity. Subkeys on other hand can you used to sign/verify and encrypt/decrypt messages in place of the master keys. However the procedure of signing someones keys requires the master key. The flaw allows the signing subkey to sign someones keys, without the use of the master key, when smartcards are used. This seems to be only a minor security bypass, since technically subkeys also need to have some form of security around them.


Note You need to log in before you can comment on or make changes to this bug.