MUNGE Buffer Overflow Vulnerability Allowing Cryptographic Key Leakage and Credential Forgery

A buffer overflow vulnerability has been identified in MUNGE versions 0.5 through 0.5.17. This vulnerability allows local attackers to leak cryptographic key material from the MUNGE authentication daemon's process memory. The leaked key can be used to forge MUNGE credentials, impersonating any user, including root, to services that rely on MUNGE for authentication. The vulnerability arises from a crafted message with an oversized address length field, which corrupts the daemon's internal state and enables extraction of the MAC subkey used for credential verification. This issue could lead to privilege escalation in environments where MUNGE is used for authentication.

Impact

Exploitation of this vulnerability allows for unauthorized leakage of cryptographic keys, which can be used to forge MUNGE credentials and impersonate any user, including root, to services that use MUNGE for authentication. In high-performance computing environments, this could potentially lead to privilege escalation.

Reproduction

The vulnerability can be reproduced by sending a crafted MUNGE message through the Unix socket used by the MUNGE daemon. The crafted message must include an oversized address length field, which triggers the buffer overflow by writing beyond the allocated memory for the address. This corruption of memory allows for the extraction of the MAC subkey and other sensitive cryptographic materials from the process memory.

Remediation

Users should upgrade to MUNGE version 0.5.18, which addresses the buffer overflow vulnerability. After upgrading, it is recommended to regenerate MUNGE keys on all systems, as the vulnerability could have been exploited before patching, leading to key leakage. Key regeneration requires stopping the MUNGE daemon on all nodes, generating a new key on one node, distributing it to all nodes, and then restarting the daemon on all nodes.