CVE-2026-12681
Received - Intake
Improper Input Validation in go-attestation Library

Publication date: 2026-06-24

Last updated on: 2026-06-24

Assigner: Google Inc.

Description
Improper Validation of Specified Index, Position, or Offset in Input vulnerability in Google go-attestation. parseEfiSignatureList() does not advance the buffer past vendor bytes before reading entries. For hashSHA256SigGUID lists, this allows attacker-controlled vendor header bytes to be appended to the trusted SHA256 hash list. A crafted TPM event log could inject arbitrary SHA256 hashes into the verifier's trusted measurement database, enabling a remote attestation verifier to accept a compromised boot state. This issue affects go-attestation: through 0.6.0.
Affected Vendors & Products
Vendor | Product | Version / Range
google | go-attestation | to 0.6.1 (exc)
CWE ID | Description
CWE-1285 | The product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties.
Executive Summary

This vulnerability exists in the Google go-attestation library, specifically in the parseEfiSignatureList() function. The function fails to properly skip vendor-specific bytes in EFI_SIGNATURE_LIST structures before reading signature entries, violating the UEFI specification.

Because of this, attacker-controlled vendor header bytes can be appended to the trusted SHA256 hash list. A crafted TPM event log can inject arbitrary SHA256 hashes into the verifier's trusted measurement database.

This allows a remote attestation verifier to mistakenly accept a compromised boot state as legitimate, undermining the integrity of the attestation process.

Impact Analysis

The vulnerability can allow an attacker to inject arbitrary SHA256 hashes into the trusted measurement database used by remote attestation verifiers.

As a result, the attestation process may accept a compromised or malicious boot state as valid, potentially allowing unauthorized or malicious software to run undetected.

This undermines the core integrity guarantees of remote attestation, which is critical for ensuring system trustworthiness.

Detection Guidance

This vulnerability involves improper parsing of EFI_SIGNATURE_LIST structures in the go-attestation library, specifically failing to skip vendor-specific bytes before reading signature entries. Detection would involve analyzing TPM event logs or the trusted measurement database for unexpected or attacker-controlled SHA256 hashes appended to the trusted list.

Because the flaw is in the parsing function parseEfiSignatureList(), detection can include confirming which version of the go-attestation library is in use and reviewing logs or outputs for suspicious SHA256 hashes that do not correspond to legitimate measurements.

No specific commands are provided in the available resources to detect this vulnerability directly on a network or system.

Mitigation Strategies

The primary mitigation step is to update the go-attestation library to version 0.6.1 or later, where the vulnerability has been fixed.

The fix includes validating that the SignatureHeaderSize does not exceed the remaining list space and skipping vendor bytes before processing signature entries, preventing attacker-controlled data from being appended to the trusted SHA256 hash list.

Additionally, running regression tests such as TestParseEfiSignatureListNonZeroSignatureHeaderSize can help confirm the fix is effective.
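
The two checks described above, shown as an added Go example that is not go-attestation's own code: a minimal parser for one SHA-256 EFI_SIGNATURE_LIST that bounds SignatureHeaderSize and skips the vendor header before reading entries. The names parseSHA256List and buildList and the sample bytes are constructed for illustration; the field layout follows the UEFI EFI_SIGNATURE_LIST definition.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

const listHdrLen, entryLen = 28, 48 // GUID + 3 uint32 sizes; owner GUID + SHA-256 digest

var le = binary.LittleEndian

// parseSHA256List returns the digests of one list (SignatureType check omitted for brevity).
func parseSHA256List(b []byte) ([][]byte, error) {
	if len(b) < listHdrLen {
		return nil, fmt.Errorf("short list: %d bytes", len(b))
	}
	listSize, hdrSize, sigSize := le.Uint32(b[16:]), le.Uint32(b[20:]), le.Uint32(b[24:])
	if listSize < listHdrLen || uint64(listSize) > uint64(len(b)) {
		return nil, fmt.Errorf("SignatureListSize %d out of range", listSize)
	}
	body := b[listHdrLen:listSize]
	// The fix: bound SignatureHeaderSize by the remaining list space, then skip it.
	if uint64(hdrSize) > uint64(len(body)) {
		return nil, fmt.Errorf("SignatureHeaderSize %d exceeds list", hdrSize)
	}
	body = body[hdrSize:]
	if sigSize != entryLen || len(body)%entryLen != 0 {
		return nil, fmt.Errorf("entries are not whole %d-byte SHA-256 records", entryLen)
	}
	var hashes [][]byte
	for ; len(body) > 0; body = body[entryLen:] {
		hashes = append(hashes, body[16:entryLen]) // drop the SignatureOwner GUID
	}
	return hashes, nil
}

// buildList returns a constructed list: hdr as SignatureHeader, then one entry.
func buildList(hdr []byte, digest [32]byte) []byte {
	b := append(make([]byte, listHdrLen), hdr...)
	b = append(append(b, make([]byte, 16)...), digest[:]...)
	le.PutUint32(b[16:], uint32(len(b)))
	le.PutUint32(b[20:], uint32(len(hdr)))
	le.PutUint32(b[24:], entryLen)
	return b
}

func main() {
	fmt.Println(parseSHA256List(buildList(make([]byte, entryLen), [32]byte{0xAA})))
}
```

A 48-byte vendor header is the interesting input because it is exactly the size of one SHA-256 entry, so a parser that does not skip it reads it as an extra trusted hash.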

Compliance Impact

The vulnerability allows attacker-controlled arbitrary SHA256 hashes to be injected into the trusted measurement database used by remote attestation verifiers. This undermines the integrity of the boot state verification process, potentially allowing compromised systems to be accepted as trusted.

While the CVE description and resources do not explicitly mention compliance with standards such as GDPR or HIPAA, the integrity compromise of attestation data could indirectly impact compliance by weakening trust in system security and data integrity controls required by these regulations.

Specifically, since the vulnerability enables acceptance of a compromised boot state, it could lead to unauthorized system states that might affect the confidentiality, integrity, and availability of sensitive data, which are core concerns in regulations like GDPR and HIPAA.
