vulnerability bulletin CVE-2012-6088
rpm: invalid check of signature
Synthesis of the vulnerability
An attacker can create a specially malformed rpm archive, with an invalid signature, but which is not detected, so an attacker can invite the administrator to install a malicious rpm.Impacted products: Unix (platform)
BID-57138, CERTA-2013-AVI-004, CVE-2012-6088, VIGILANCE-VUL-12283.
Description of the vulnerability
The rpm tool is used to install packages on the system.
The rpmpkgRead() function of the lib/package.c file checks the signature of the package, before installing it. This function calls parsePGPSig() to decode the signature. When the signature is malformed, this function returns an error, but the integer storing the error code is not set to RPMRC_FAIL. The rpmpkgRead() function then uses the value RPMRC_OK, which means that the signature is valid.
An attacker can therefore create a specially malformed rpm archive, with an invalid signature, but which is not detected, so an attacker can invite the administrator to install a malicious rpm.Complete Vigil@nce bulletin....
Share this bulletin
Computer vulnerabilities tracking service
Vigil@nce provides an applications vulnerabilities management
. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The technology watch team tracks security threats targeting the computer system. The Vigil@nce vulnerability database contains several thousand vulnerabilities.