OpenBao OCI Plugin Downloader Unbounded Decompression Leading to Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in OpenBao versions through 2.5.2. The issue arises in the OCI plugin downloader's 'ExtractPluginFromImage()' function, which extracts plugin binaries from container images by streaming decompressed tar data to disk without any limit on the amount of data written. This flaw allows an attacker who controls or has compromised an OCI registry to deliver a crafted image containing a decompression bomb, which unpacks into a disproportionately large file. The result is disk exhaustion on the OpenBao server: the SHA256 integrity check runs only after the entire file has been written, so the hash mismatch is detected only after the damage has been done. This exploitation can disrupt co-located services and, if the extraction process is interrupted, leave behind partial files that are not automatically cleaned up.
Impact
Exploitation of this vulnerability leads to disk exhaustion on the OpenBao server, causing a denial-of-service condition. This can also disrupt co-located services, such as databases or other applications, that fail when the disk is full. Additionally, if the OpenBao process is terminated while extracting a malicious plugin, the incomplete file remains on disk and is not removed. The vulnerability can be repeatedly exploited, as the decompression bomb is re-downloaded on service restart or when the 'plugin_auto_download' option is enabled.
Reproduction
To reproduce this vulnerability, set up a malicious OCI registry and create a decompression bomb by using a command that writes a large file (e.g., 100 GiB) into a tar archive. This bomb can then be packaged into an OCI image and pushed to the malicious registry. After configuring OpenBao to use this registry and enabling automatic plugin downloads, the image is loaded, causing the disk to fill up and create a denial-of-service condition.
Remediation
Users are advised to update to OpenBao version 2.5.3, where this vulnerability has been patched.
