A security vulnerability has been identified in the openssl_private_decrypt function in PHP when using PKCS1 padding (OPENSSL_PKCS1_PADDING), which is the default setting. This particular issue has been dubbed the "Marvin Attack" and can compromise PHP applications that utilize these vulnerable configurations. To mitigate this threat, it is essential to ensure that your PHP runtime is configured with an OpenSSL version that addresses the issue.

Discovering the Vulnerability

The Marvin Attack affects the openssl_private_decrypt function in PHP, which is vulnerable to exploitation when it employs the PKCS1 padding (OPENSSL_PKCS1_PADDING) configuration. The vulnerability was discovered and reported by security researchers examining the rsa_pkcs1_implicit_rejection code changes in OpenSSL, which are incorporated in the following pull request: https://github.com/openssl/openssl/pull/13817.

Exploit Details - The Marvin Attack

With the Marvin Attack, attackers can exploit the flaw in the openssl_private_decrypt function to force PHP applications to expose sensitive information, execute arbitrary code, or even crash the application altogether. The attack is particularly dangerous since the vulnerable configuration is set as the default padding option.

Safeguarding your PHP implementation

To mitigate the risk of falling victim to the Marvin Attack, you should ensure that your PHP runtime is compiled with an OpenSSL version which contains the necessary rsa_pkcs1_implicit_rejection changes. These changes are present in OpenSSL 3.2 and have also been backported to stable releases across various Linux distributions. Additionally, PHP builds for Windows have been updated to include these OpenSSL patches since the previous release.

To demonstrate that your environment is adequately protected, you can use the following code snippet

<?php
$openssl_version = openssl_get_version();
if (strpos($openssl_version, 'OpenSSL 3.2') !== false) {
    echo "Your system is secured against the Marvin Attack.";
} else {
    echo "WARNING: Your system is vulnerable to the Marvin Attack. Please update your OpenSSL version.";
}
?>

Updating PHP Windows builds

For those using Windows systems, it is crucial to ensure that the PHP builds you are using have the OpenSSL patches in place to address the Marvin Attack. Specifically, the following PHP Windows builds are confirmed to include the necessary patches:

Final Thoughts

To protect your PHP applications from the Marvin Attack, it is essential to ensure that your PHP runtime environment employs an OpenSSL version that includes the rsa_pkcs1_implicit_rejection changes. By taking the necessary precautions and updating your PHP builds and OpenSSL versions as needed, you can safeguard your PHP applications and keep your systems secure.

Timeline

Published on: 06/09/2024 20:15:09 UTC
Last modified on: 06/13/2024 04:15:16 UTC