DEV Community

CVE Reports
CVE Reports

Posted on • Originally published at cvereports.com

GHSA-C7PH-F7JM-XV4W: Trust But Verify? Nah. Breaking rPGP's Integrity Checks

#security #cve #cybersecurity #ghsa

Trust But Verify? Nah. Breaking rPGP's Integrity Checks

Vulnerability ID: GHSA-C7PH-F7JM-XV4W
CVSS Score: 6.5
Published: 2026-02-13

A critical logic flaw in the rPGP OpenPGP implementation allowed attackers to bypass message integrity checks. By failing to strictly verify the Modification Detection Code (MDC) in encrypted packets, the library exposed applications like Delta Chat to ciphertext manipulation and 'In-Band Signaling' attacks. This vulnerability highlights the dangers of legacy OpenPGP complexity even in modern, memory-safe languages like Rust.

TL;DR

rPGP failed to consistently verify the cryptographic integrity (MDC) of encrypted messages. This allowed Man-in-the-Middle attackers to modify ciphertext without detection, leading to potential data exfiltration via 'In-Band Signaling' attacks in downstream applications like Delta Chat.

⚠️ Exploit Status: POC

Technical Details

  • CWE: CWE-347 (Improper Verification of Cryptographic Signature)
  • Attack Vector: Network (Man-in-the-Middle)
  • CVSS v3.1: 6.5 (Medium)
  • Impact: Integrity Loss / Data Exfiltration
  • Affected Protocol: OpenPGP (SEIP / Tag 18)
  • Fix Version: 0.11.0

Affected Systems

  • rPGP (Rust OpenPGP implementation)
  • Delta Chat (Desktop and Mobile)
  • Any Rust application using pgp crate <= 0.10.2
  • rPGP: <= 0.10.2 (Fixed in: 0.11.0)
  • Delta Chat Core: < 1.132.0 (Fixed in: 1.132.0)

Code Analysis

Commit: unknown

Release v0.11.0 containing fixes for MDC verification and other cryptographic issues.

N/A (Multiple PRs merged)
Enter fullscreen mode Exit fullscreen mode

Exploit Details

Mitigation Strategies

  • Strict enforcement of MDC verification
  • Adoption of AEAD (RFC 9580) encryption modes
  • Rejection of deprecated SE (tag 9) packets

Remediation Steps:

  1. Update rPGP crate to version >= 0.11.0.
  2. Rebuild application to ensure the new library version is linked.
  3. Audit application logic to ensure decryption errors result in a total drop of the message, not a warning.
  4. For Delta Chat users, update to desktop/mobile v1.44+.

References

Read the full report for GHSA-C7PH-F7JM-XV4W on our website for more details including interactive diagrams and full exploit analysis.

Top comments (0)