Critical flaw in Pidgin, Adium's Off The Record chat lib. Patch ASAP
Not on version 4.1.1 of libotr? Now is a good time to upgrade
Security researchers have discovered a critical vulnerability in libotr, a software library used in chat apps to send and receive encrypted messages.
Several instant messengers – including ChatSecure, Pidgin, Adium and Kopete – are affected by the remote-code execution bug in libotr, which was discovered by Markus Vervier at German application security outfit X41 D-Sec.
The memory corruption flaw can be exploited by an attacker to inject malicious code into applications and execute the payload. Miscreants just have to send a specially crafted large message to a victim to trigger the bug and gain a foothold on their system.
Exploitation is, thankfully, far from trivial, as the researchers explain in an advisory note.
In order to successfully trigger the vulnerability, an attacker must be able to send a data message of more than 5.5 gigabytes to a victim in order to pass the check "require_len(datalen)". Due to the support of fragmented OTR messages assembled by libotr this is possible in practice.
By sending 275 messages of size 20MB each, X41 was able to make libotr process such a data message successfully on a system with 8GB of ram and 15GB of swap space. As data types for lenp and other lengths of the message are 64 bit large size_t types on x86_64 architectures huge messages of multiple gigabytes are possible. Sending such a message to a pidgin client took only a few minutes on a fast network connection without visible signs of any attack to a user.
Version 4.1.0 and below of libotr is vulnerable, so it's time to upgrade to the patched version, libotr 4.1.1. Some users can just update the library on their system and restart their client, while others should install a patched version of their chat app. Adium 18.104.22.168, released this week, uses the fixed libotr, for example.
The vulnerability was discovered during an internal code audit at X41 D-Sec.
Off-the-Record Messaging (OTR) is a protocol for swapping end-to-end-encrypted messages in non-encrypted instant chat systems. ®