Git Commit Hash Vulnerability Exposed
Researchers have discovered a vulnerability in Git commit signing, allowing attackers to manipulate commit hashes without breaking SHA2. The flaw, known as 'hash chain malleability,' affects various data representations in commits, including ECDSA signatures, OpenPGP subpackets, and S/MIME envelopes. The vulnerability has been demonstrated to work on popular Git forges like Github.
Key points
- Researchers at arxiv.org have identified a vulnerability in Git commit signing, allowing attackers to manipulate commit hashes without breaking SHA2.
- The flaw, known as 'hash chain malleability,' affects various data representations in commits, including ECDSA signatures, OpenPGP subpackets, and S/MIME envelopes.
- The vulnerability has been demonstrated to work on popular Git forges like Github, allowing attackers to produce a second, distinct commit with an identical tree and metadata.
- The modified commit can cascade to modify the values of all subsequent, dependent commit hashes, compromising hash-based commit blocking and dependency pinning.
- Researchers have identified three malleation routes: algebraic inversion for ECDSA signatures, structural insertion of an unhashed OpenPGP subpacket, and non-canonical DER length re-encoding inside the CMS envelope.
Git Commit Hash Vulnerability Exposed
Researchers at arxiv.org have discovered a vulnerability in Git commit signing, allowing attackers to manipulate commit hashes without breaking SHA2. The flaw, known as 'hash chain malleability,' affects various data representations in commits, including ECDSA signatures, OpenPGP subpackets, and S/MIME envelopes.
The vulnerability has been demonstrated to work on popular Git forges like Github, allowing attackers to produce a second, distinct commit with an identical tree and metadata. This modified commit can cascade to modify the values of all subsequent, dependent commit hashes, compromising hash-based commit blocking and dependency pinning.
Researchers have identified three malleation routes: algebraic inversion for ECDSA signatures, structural insertion of an unhashed OpenPGP subpacket, and non-canonical DER length re-encoding inside the CMS envelope. These vulnerabilities highlight the need for improved security measures in Git commit signing and verification processes.
Sources
The WireByte editorial team synthesises technology news from multiple primary sources, verifies the facts, and links every source. Articles are produced with AI assistance and reviewed under our editorial policy.