Description
S3QL before 2.27 mishandles checksumming, and consequently allows replay attacks in which an attacker who controls the backend can present old versions of the filesystem metadata database as up-to-date, temporarily inject zero-valued bytes into files, or temporarily hide parts of files. This is related to the checksum_basic_mapping function.
References (3)
Core 3
Core References
Exploit, Third Party Advisory x_refsource_confirm
https://bitbucket.org/nikratio/s3ql/issues/272/t3_verifypy-test_retrieve-sometimes-fails
Mailing List x_refsource_confirm
https://groups.google.com/forum/#%21topic/s3ql/4TzCVIMkA4o
Patch, Third Party Advisory x_refsource_confirm
https://bitbucket.org/nikratio/s3ql/commits/85aba5c2d5c81453a73a50ed638adaeef0521020
Scores
CVSS v3
7.5
EPSS
0.0027
EPSS Percentile
50.2%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-20
Status
published
Products (1)
s3ql_project/s3ql
< 2.27
Published
Jun 10, 2018
Tracked Since
Feb 18, 2026