Version 5.0.6 Security Update for Virtual Disk
Version 5.0.6: Virtual Disk feature has been updated with a bugfix to address potential security concerns and new security hardening changes have been added. Upgrade strongly recommended.
Even if you are not using the USB Virtual Disk feature, everyone should upgrade: you may have enabled it accidentally, and the update ensures the feature is disabled by default, as was originally intended.
Mk3 and older versions do not have this feature and are not affected by this.
While optimizing performance, we noticed a math bug in the way the disk size was calculated. A value was 8196 when it should have been 8192. The result is that four blocks (512 bytes each) past the end of the “virtual” disk were accessible. Due to the design of our hardware, this is an isolated area in a memory chip called the PSRAM. The extra 2k bytes of accessible memory wrap around to the bottom of the PSRAM, where we store the PSBT during the signing process. No other part of the address map is exposed by this bug.
We were not able to find a means to exploit this bug. That 2k of memory is already available for read/write over the USB port, since we allow uploads (and downloads) of PSBTs into exactly that area.
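The following is a constructed illustration of the off-by-four-blocks bound described above; it is an added example, not Coldcard firmware. The 512-byte block size and the 8196-versus-8192 block count come from the text; the 4 MiB PSRAM size, the wrap-around addressing, and the PSBT staging area sitting at offset 0 are assumptions made for the example.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Assumed layout for this example: the virtual disk is exactly the size
 * of the PSRAM, so the intended block count is PSRAM_BYTES / BLOCK_SIZE. */
#define BLOCK_SIZE      512u
#define CORRECT_BLOCKS  8192u                     /* intended: 8192 * 512 = 4 MiB */
#define BUGGY_BLOCKS    8196u                     /* the mistyped constant */
#define PSRAM_BYTES     (CORRECT_BLOCKS * BLOCK_SIZE)

/* Translate a logical block address (LBA) into a PSRAM byte offset, using
 * disk_blocks as the upper bound. Returns false when the LBA is refused.
 * The modulo models the address wrap-around back to the bottom of PSRAM. */
bool lba_to_psram(uint32_t lba, uint32_t disk_blocks, uint32_t *offset)
{
    if (lba >= disk_blocks)
        return false;                             /* out of range: refused */
    *offset = (lba * BLOCK_SIZE) % PSRAM_BYTES;
    return true;
}

/* Bytes beyond the intended disk that a given block-count bound lets through. */
uint32_t overreach_bytes(uint32_t disk_blocks)
{
    if (disk_blocks <= CORRECT_BLOCKS)
        return 0;
    return (disk_blocks - CORRECT_BLOCKS) * BLOCK_SIZE;
}

int main(void)
{
    /* LBAs 8192..8195 pass the buggy check and land on PSRAM offsets
     * 0, 512, 1024 and 1536: the 2k region where the PSBT is staged.
     * With the correct constant, the same requests are refused. */
    for (uint32_t lba = CORRECT_BLOCKS - 1; lba <= BUGGY_BLOCKS; lba++) {
        uint32_t off_buggy = 0, off_fixed = 0;
        bool b = lba_to_psram(lba, BUGGY_BLOCKS, &off_buggy);
        bool f = lba_to_psram(lba, CORRECT_BLOCKS, &off_fixed);
        printf("LBA %5u  buggy: %s @%7u  fixed: %s\n", lba,
               b ? "ALLOW" : "deny ", off_buggy, f ? "ALLOW" : "deny ");
    }
    printf("bytes exposed past end of disk: %u\n", overreach_bytes(BUGGY_BLOCKS));
    return 0;
}
```

Deriving the block count from the PSRAM size (as the macro above does) rather than keeping a second hand-typed constant removes the opportunity for the two values to drift apart.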
Further into the audit, we examined the related subsystems for other issues. We found a few very limited logic bugs in the Micropython and ST Microsystems open-source code related to disk emulation. Our conclusion was that they had no impact, but fixing them was important for the overall hardening of this release. In our experience, this class of bugs can lead to vulnerabilities and should be fixed.
We are still very excited about the Virtual Disk as a means for people to use the device without computers (a phone-first world). As you know, we are paranoid and user-first, so any USB feature should always be disabled by default. And air-gapped hardware wallet operation—as we pioneered—is still king.
Although this was an internal discovery, we still like to practice Responsible Disclosure.