CVE-2016-6225: Percona Xtrabackup Encryption IV Not Being Set ProperlyDavid Busby
Note: this does not affect encryption of encrypted InnoDB tables.
Percona XtraBackup versions older than 2.3.6 or 2.4.5 suffered an issue of not properly setting the Initialization Vector (IV) for encryption. This could allow someone to carry out a Chosen-Plaintext Attack, which could recover decrypted content from the encrypted backup files without the need for a password.
Percona XtraBackup carries backward compatibility to allow for the decryption of older backup files. However, encrypted backup files produced by the versions that have the fix will not be compatible with older versions of Percona XtraBackup.
Access to the encrypted files must already be present for exploitation to occur. So long as you adequately protect the encrypted files, we don’t expect this issue to adversely affect users.
Percona would like to thank and give credit to Ken Takara for discovering this issue and working it through to PoC exploitation.
- We originally note the issue in https://bugs.launchpad.net/percona-xtrabackup/+bug/1185343 (CVE-2013-6394) and marked it as addressed in Percona XtraBackup 2.1.6 Release Notes. This did not completely fix the issue, however. We are confident it has now been fully addressed.
- The 2016 bug report for this can be found here: https://bugs.launchpad.net/percona-xtrabackup/+bug/1643949