Double free in shdr_verify_signature

High
jbech-linaro published GHSA-jrw7-63cq-7vhm Sep 13, 2023

Package

OP-TEE

Affected versions

>=3.20

Patched versions

3.22 and later

Description

The Trusted Software Security Team at Amazon Security found a double free in the shdr_verify_signature() function. The attack involves three different sessions in which the heap can be controlled to some extent, making it possible to load a corrupt/modified TA. Even though this is a complex attack, Amazon was able to create a proof of concept that carried out a successful attack, compromising and gaining control over the entire secure world. When the issue was initially reported there was no proof of concept and we gave it "low severity". Once we were notified about the working proof of concept, we agreed to increase the severity to the CVSS score CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N, which translates to "7.4 / high severity".

This issue is present in OP-TEE 3.20 and later; earlier versions are not affected. The fix was merged before the release of OP-TEE 3.22 on July 7th, so OP-TEE 3.22 and later are patched.

Trigger the problem

On a vulnerable version, shdr_verify_signature() can end up performing a double free. shdr_verify_signature() is used to verify a Trusted Application binary before it is loaded. To verify the signature of a TA, OP-TEE has to allocate memory for an RSA key. The function responsible for the allocation is sw_crypto_acipher_alloc_rsa_public_key(), which tries to allocate this memory from the OP-TEE heap.

An RSA key consists of an exponent and a modulus (represented as the variables e and n). In OP-TEE, the allocation of the exponent and the modulus is not an atomic operation, so it can succeed in allocating one of them but fail to allocate the other. For example, the allocation of e might succeed while the allocation of n fails. When that happens, sw_crypto_acipher_alloc_rsa_public_key() frees e and returns an error code, but the variable e still holds an address that has already been freed once. As a consequence, shdr_verify_signature() frees it again. In short, what we have is a "double free" bug.
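
The ownership mistake described above, reduced to a small model. This is an added example, not OP-TEE source code and not the upstream patch. All names are hypothetical, and clearing the pointers after the cleanup is shown as one common way to remove this class of bug, not as the fix OP-TEE merged.

```c
/* Simplified model of the pattern, NOT OP-TEE source; all names hypothetical.
 * Objects sit in a static pool so stale pointers can be inspected safely. */
#include <stddef.h>

struct bn { int frees; };              /* stand-in for a heap bignum */
struct rsa_pub { struct bn *e, *n; };  /* exponent and modulus */
static struct bn pool[2];
static int fail_n;                     /* fault injection: n allocation fails */

static struct bn *bn_alloc(int slot, int fail) { return fail ? NULL : &pool[slot]; }

static void bn_free(struct bn *b)
{
    if (b)
        b->frees++;                    /* a count above 1 is a double free */
}

/* Vulnerable shape: on partial failure e is freed, but k->e keeps the
 * stale address where the caller will find it. */
static int alloc_key_stale(struct rsa_pub *k)
{
    k->e = bn_alloc(0, 0);
    k->n = bn_alloc(1, fail_n);
    if (k->e && k->n)
        return 0;
    bn_free(k->e);
    bn_free(k->n);
    return -1;
}

/* Hardened shape: same cleanup, then the pointers are cleared. */
static int alloc_key_cleared(struct rsa_pub *k)
{
    int res = alloc_key_stale(k);
    if (res)
        k->e = k->n = NULL;
    return res;
}

/* Caller that always frees the key on exit; returns how often e was freed. */
static int frees_of_e(int (*alloc)(struct rsa_pub *), int inject_fail)
{
    struct rsa_pub k = { NULL, NULL };
    pool[0].frees = pool[1].frees = 0;
    fail_n = inject_fail;
    (void)alloc(&k);
    bn_free(k.e);                      /* second free of e if the pointer is stale */
    bn_free(k.n);
    return pool[0].frees;
}
```

With the n allocation forced to fail, frees_of_e() reports two frees of e for the stale variant and one for the cleared variant; when both allocations succeed, each variant frees e exactly once.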

Patches

optee_os.git

Workarounds

N/A

References

[1] CWE-415: Double Free

OP-TEE ID

OP-TEE-2023-0001

Reported by

  • Amazon (Jihwan Park from Amazon Security, Trusted Software Security Team)

For more information

For more information regarding the security incident process in OP-TEE, please read the information that can be found when going to the "Security" page at https://www.trustedfirmware.org.

Timeline

2023-06-15: Report received
2023-06-16: Initial response
2023-06-20: Fix proposed internally
2023-06-26: Informing Trusted Stakeholders
2023-07-04: Mitigation patch merged upstream
2023-08-29: Proof of Concept with working attack shared with us, increased severity.
2023-09-06: CVE requested (CVE-2023-41325)
2023-09-13: Issue published

Severity

High (7.4 / 10)

CVSS base metrics

Attack vector: Local
Attack complexity: Low
Privileges required: High
User interaction: Required
Scope: Changed
Confidentiality: High
Integrity: High
Availability: None
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N

CVE ID

CVE-2023-41325

Weaknesses