CVE-2023-0751 - OpenCVE

When GELI reads a key file from standard input, it does not reuse the key file to initialize multiple providers at once resulting in the second and subsequent devices silently using a NULL key as the user key file. If a user only uses a key file without a user passphrase, the master key is encrypted with an empty key file allowing trivial recovery of the master key.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Freebsd	Freebsd

Configuration 1 [-]

OR	cpe:2.3:o:freebsd:freebsd:12.3:-::::::
	cpe:2.3:o:freebsd:freebsd:12.3:p1::::::
	cpe:2.3:o:freebsd:freebsd:12.3:p2::::::
	cpe:2.3:o:freebsd:freebsd:12.3:p3::::::
	cpe:2.3:o:freebsd:freebsd:12.3:p4::::::
	cpe:2.3:o:freebsd:freebsd:12.3:p5::::::
	cpe:2.3:o:freebsd:freebsd:12.4:-::::::
	cpe:2.3:o:freebsd:freebsd:12.4:rc2-p1::::::
	cpe:2.3:o:freebsd:freebsd:12.4:rc2-p2::::::
	cpe:2.3:o:freebsd:freebsd:13.1:-::::::
	cpe:2.3:o:freebsd:freebsd:13.1:b1-p1::::::
	cpe:2.3:o:freebsd:freebsd:13.1:b2-p2::::::
	cpe:2.3:o:freebsd:freebsd:13.1:p1::::::
	cpe:2.3:o:freebsd:freebsd:13.1:p2::::::
	cpe:2.3:o:freebsd:freebsd:13.1:p3::::::
	cpe:2.3:o:freebsd:freebsd:13.1:p4::::::
	cpe:2.3:o:freebsd:freebsd:13.1:p5::::::
	cpe:2.3:o:freebsd:freebsd:13.1:rc1-p1::::::

No data.

References

Link	Providers
https://security.FreeBSD.org/advisories/FreeBSD-SA-23:01.geli.asc

History

No history.

MITRE

Status: PUBLISHED

Assigner: freebsd

Published: 2023-02-08T19:25:01.118Z

Updated: 2024-08-02T05:24:34.119Z

Reserved: 2023-02-08T15:34:03.264Z

Link: CVE-2023-0751

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-02-08T20:15:24.377

Modified: 2023-11-07T04:01:23.443

Link: CVE-2023-0751

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-0751", "assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "state": "PUBLISHED", "assignerShortName": "freebsd", "dateReserved": "2023-02-08T15:34:03.264Z", "datePublished": "2023-02-08T19:25:01.118Z", "dateUpdated": "2024-08-02T05:24:34.119Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["geli"], "product": "FreeBSD", "vendor": "FreeBSD", "versions": [{"lessThan": "13.1-RELEASE-p6", "status": "affected", "version": "13.1-RELEASE", "versionType": "release"}, {"lessThan": "12.4-RELEASE-p1", "status": "affected", "version": "12.4-RELEASE", "versionType": "release"}, {"lessThan": "12.3-RELEASE-p11", "status": "affected", "version": "12.3-RELEASE", "versionType": "release"}]}], "datePublic": "2023-02-09T02:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "When GELI reads a key file from standard input, it does not reuse the key file to initialize multiple providers at once resulting in the second and subsequent devices silently using a NULL key as the user key file. If a user only uses a key file without a user passphrase, the master key is encrypted with an empty key file allowing trivial recovery of the master key.<br>"}], "value": "When GELI reads a key file from standard input, it does not reuse the key file to initialize multiple providers at once resulting in the second and subsequent devices silently using a NULL key as the user key file. If a user only uses a key file without a user passphrase, the master key is encrypted with an empty key file allowing trivial recovery of the master key.\n"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "shortName": "freebsd", "dateUpdated": "2023-02-08T19:25:01.118Z"}, "references": [{"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:01.geli.asc"}], "source": {"advisory": "FreeBSD-SA-23:01.geli", "discovery": "UNKNOWN"}, "title": "GELI silently omits the keyfile if read from stdin", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.netapp.com/advisory/ntap-20230316-0004/"}, {"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:01.geli.asc", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:24:34.119Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:12.3:-:*:*:*:*:*:*", "matchCriteriaId": "224B7627-CDDE-429A-852F-8A6066B501B7", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.3:p1:*:*:*:*:*:*", "matchCriteriaId": "3B6DCD8A-331E-419F-9253-C4D35C1DF54B", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.3:p2:*:*:*:*:*:*", "matchCriteriaId": "4578E06C-16C6-435E-9E51-91CB02602355", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.3:p3:*:*:*:*:*:*", "matchCriteriaId": "71FA1F6C-7E53-40F8-B9E1-5FD28D5DAADA", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.3:p4:*:*:*:*:*:*", "matchCriteriaId": "0EC87BCE-17F0-479B-84DC-516C24FBD396", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.3:p5:*:*:*:*:*:*", "matchCriteriaId": "620C23ED-400C-438C-8427-94437F12EDAF", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:-:*:*:*:*:*:*", "matchCriteriaId": "24920B4D-96C0-401F-B679-BEB086760EAF", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:rc2-p1:*:*:*:*:*:*", "matchCriteriaId": "BA821886-B26B-47A6-ABC9-B8F70CE0ACFB", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:12.4:rc2-p2:*:*:*:*:*:*", "matchCriteriaId": "220629AD-32CC-4303-86AE-1DD27F0E4C65", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:-:*:*:*:*:*:*", "matchCriteriaId": "DEEE6D52-27E4-438D-AE8D-7141320B5973", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:b1-p1:*:*:*:*:*:*", "matchCriteriaId": "66364EA4-83B1-4597-8C18-D5633B361A9C", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:b2-p2:*:*:*:*:*:*", "matchCriteriaId": "EF9292DD-EFB1-4B50-A941-7485D901489F", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p1:*:*:*:*:*:*", "matchCriteriaId": "EFB18F55-4F5C-4166-9A7E-6F6617179A90", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p2:*:*:*:*:*:*", "matchCriteriaId": "66E1C269-841F-489A-9A0A-5D145B417E0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p3:*:*:*:*:*:*", "matchCriteriaId": "ECF1B567-F764-45F5-A793-BEA93720F952", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p4:*:*:*:*:*:*", "matchCriteriaId": "DAFE3F33-2C57-4B52-B658-82572607BD8C", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:p5:*:*:*:*:*:*", "matchCriteriaId": "C925DF75-2785-44BD-91CA-66D29C296689", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:13.1:rc1-p1:*:*:*:*:*:*", "matchCriteriaId": "B536EE52-ED49-4A85-BC9D-A27828D5A961", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "When GELI reads a key file from standard input, it does not reuse the key file to initialize multiple providers at once resulting in the second and subsequent devices silently using a NULL key as the user key file. If a user only uses a key file without a user passphrase, the master key is encrypted with an empty key file allowing trivial recovery of the master key.\n"}], "id": "CVE-2023-0751", "lastModified": "2023-11-07T04:01:23.443", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-02-08T20:15:24.377", "references": [{"source": "secteam@freebsd.org", "tags": ["Mitigation", "Patch", "Vendor Advisory"], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-23:01.geli.asc"}], "sourceIdentifier": "secteam@freebsd.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "secteam@freebsd.org", "type": "Secondary"}]}