Message-ID: <1264abf4-fd7f-4892-b9c4-864e4d21a742@oracle.com>
Date: Fri, 22 Aug 2025 15:17:19 -0700
From: Alan Coopersmith <alan.coopersmith@...cle.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2025-43023 in HPLIP for Use of 1024-bit DSA Key

CVE-2025-43023 is a bit of an odd vulnerability.

https://support.hp.com/us-en/document/ish_12804224-12804228-16/hpsbpi04033 says:

  HP Linux Imaging and Printing Software - Use of DSA Key

  A potential security vulnerability has been identified in the HP Linux
  Imaging and Printing Software documentation. This potential vulnerability
  is due to the use of a weak code signing key, Digital Signature Algorithm
  (DSA).

https://www.aqtiveguard.com/blog/how-a-vulnerability-found-by-aqtive-guard-in-hps-software-led-to-a-fast-collaborative-fix-and-shows-why-cryptographic-visibility-matters
further elaborates:

  ... while working on improving our analysis engine and without actively
  looking, we found an insecure and non-compliant code signing key (1024-bit
  DSA) for a widespread Linux driver published by HP. We also uncovered that
  the official installation procedure is vulnerable to a key spoofing attack
  which can lead to the successful verification of malicious code for
  software running with ROOT privileges. This vulnerability has now been
  assigned CVE-2025-43023. Additionally, we noticed that a deceptive key that
  makes use of this vulnerability has been published by an unknown developer.

Later on in the blog post they show the 1024-bit DSA key is used to produce
the hplip-3.25.2.tar.gz.asc signature used to verify the contents of the
hplip-3.25.2.tar.gz source release - suggesting that there is no bug in the
code itself, if you are sure you have the authentic source code, which this
less secure signature algorithm may make you question, especially as they
show collisions for the short key id specified in the verification
instructions:
https://pgp.mit.edu/pks/lookup?search=0xA59047B9&op=index

They state that HP has signed the packages now with a new RSA 4096 bit key,
and HP includes the key directly in their docs now, with a full fingerprint:
https://developers.hp.com/hp-linux-imaging-and-printing/hplipDigitalCertificate.html
instead of telling users to download from a keyserver using the short id, as
they previously did (which appears to be why HP's advisory says the
vulnerability is in the documentation).

The blog also notes that some distros have patched their hplip packages to
rely on the bundled signing key instead of downloading from keyservers:
https://sources.debian.org/patches/hplip/3.22.10%2Bdfsg0-2/0036-Don-t-gpg-import-but-rely-on-installed-signing_key.a.patch/

-- 
-Alan Coopersmith- alan.coopersmith@...cle.com
Oracle Solaris Engineering - https://blogs.oracle.com/solaris
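One way to do what the updated HP documentation and the Debian patch aim for, pinning verification to a key identified by its full 40-hex fingerprint held locally rather than one fetched from a keyserver by short id. This is an added example, not code from HP, Debian, or the post above; EXPECTED_FPR is a placeholder to be replaced with the fingerprint the vendor publishes, and the key file and tarball names in the usage line are assumptions.

```shell
#!/bin/sh
# Added example: verify a detached OpenPGP signature over a release tarball
# using only a locally supplied key whose full fingerprint matches a pinned
# value. Short (32-bit) key ids are rejected outright, since that is the
# identifier a spoofed key can be made to share.
set -eu

# PLACEHOLDER: replace with the full fingerprint from the vendor's own docs.
EXPECTED_FPR="0000000000000000000000000000000000000000"

# Normalize a fingerprint string: drop spaces, uppercase hex digits.
norm_fpr() {
    printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F'
}

# Succeed only when $1 is a full 40-hex-digit fingerprint equal to $2.
# An 8- or 16-hex key id is refused even when it is a suffix of $2.
fpr_matches() {
    got=$(norm_fpr "$1")
    want=$(norm_fpr "$2")
    case "$got" in
        *[!0-9A-F]*) return 1 ;;
    esac
    [ "${#got}" -eq 40 ] && [ "$got" = "$want" ]
}

# verify_release TARBALL SIGNATURE KEYFILE
# Imports KEYFILE into a throwaway keyring, checks the primary key
# fingerprint against EXPECTED_FPR, then verifies SIGNATURE over TARBALL.
verify_release() {
    tarball=$1; sig=$2; keyfile=$3
    tmp=$(mktemp -d)
    trap 'rm -rf "$tmp"' EXIT
    chmod 700 "$tmp"
    gpg --homedir "$tmp" --batch --quiet --import "$keyfile" 2>/dev/null
    # In --with-colons output the "fpr" record carries the fingerprint in field 10.
    actual=$(gpg --homedir "$tmp" --batch --with-colons --fingerprint 2>/dev/null \
             | awk -F: '$1 == "fpr" { print $10; exit }')
    if ! fpr_matches "$actual" "$EXPECTED_FPR"; then
        echo "refusing to verify: key fingerprint '$actual' is not the pinned one" >&2
        return 1
    fi
    gpg --homedir "$tmp" --batch --verify "$sig" "$tarball"
}

# Usage (file names are assumptions):
#   verify_release hplip-3.25.2.tar.gz hplip-3.25.2.tar.gz.asc hp-signing-key.asc
```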