CVE-2020-15237 (shrine): Possible timing attack in derivation_endpoint

Possible timing attack in derivation_endpoint

Published: October 05, 2020

SECURITY IDENTIFIERS

CVE: CVE-2020-15237 (NVD)
GHSA: GHSA-5jjv-x4fq-qjwp
Vendor Advisory: https://github.com/shrinerb/shrine/security/advisories/GHSA-5jjv-x4fq-qjwp

GEM

shrine

SEVERITY

CVSS v3.x: 5.9 (Medium)

PATCHED VERSIONS

>= 3.3.0

DESCRIPTION

Impact

When using the derivation_endpoint plugin, it's possible for the attacker to use a timing attack to guess the signature of the derivation URL.

Patches

The problem has been fixed by comparing sent and calculated signature in constant time, using Rack::Utils.secure_compare. Users using the derivation_endpoint plugin are urged to upgrade to Shrine 3.3.0 or greater.

Workarounds

Users of older Shrine versions can apply the following monkey-patch after loading the derivation_endpoint plugin:

class Shrine
  class UrlSigner
    def verify_signature(string, signature)
      if signature.nil?
        fail InvalidSignature, &quot;missing \&quot;signature\&quot; param&quot;
      elsif !Rack::Utils.secure_compare(signature, generate_signature(string))
        fail InvalidSignature, &quot;provided signature does not match the calculated signature&quot;
      end
    end
  end
end

References

You can read more about timing attacks here.

RubySec