Security:Important security updates
Important security updates are updates for Trezor device firmware by SatoshiLabs. These updates bring better security for Trezor users.
History of Trezor important security firmware updates:
Contents
- 1 18 December 2018 - Firmware update 1.7.2 (Trezor One)
- 2 29 October 2018 - Firmware update 1.7.1 (Trezor One)
- 3 30 August 2018 - Firmware update 1.6.3 (Trezor One)
- 4 25 June 2018 - Firmware updates 1.6.2 (Trezor One)
- 5 21 March 2018 - Firmware update 1.6.1 (Trezor One)
- 6 16 August 2017 - Firmware update 1.5.2 (Trezor One)
- 7 26 March 2015 - Firmware update 1.3.3 (Trezor One)
- 8 23 February 2015 - Firmware update 1.3.1 (Trezor One)
- 9 30 July 2014 - Firmware update 1.2.0 (Trezor One)
18 December 2018 - Firmware update 1.7.2 (Trezor One)[edit]
The firmware update fixes a security issue located in the U2F subsystem that we have discovered internally on November 26th. Several other vendors were also affected by this issue, which influenced aspects of the disclosure process. The C/C++ reference implementation for U2F by Yubico contained broken definition of a struct which can leak bytes from RAM via USB. The bug was fixed by updating the structure definition to a new correct one. It was found during research by Christian Reitter in coordination with Dr Jochen Hoenicke and was immediately disclosed.
For more information about this firmware update see also this blog.
29 October 2018 - Firmware update 1.7.1 (Trezor One)[edit]
The firmware update implements fixes to vulnerabilities found in bech32_decode and cash_decode functions. Christian Reitter and Dr Jochen Hoenicke disclosed the vulnerabilities on 26th September 2018 and 24th October 2018, respectively.
While not affecting the security of protected data, these vulnerabilities could potentially open possibilities for a denial of service-type attack-which would turn the device off.
For more information about this firmware update see also this blog.
30 August 2018 - Firmware update 1.6.3 (Trezor One)[edit]
This update expanded the scope of the firmware update 1.6.1. This vulnerability was reported by Sunny. Security update in firmware 1.6.1 could be extended to cover for another attack vector of the same type.
Therefore SatoshiLabs made the MPU rules stricter in this update, preventing another class of potential attacks. To reflect the improvements, this firmware update updates bootloader as well.
For more information about this firmware update see also this blog.
25 June 2018 - Firmware updates 1.6.2 (Trezor One)[edit]
The firmware update contained security improvements by efforts of Christian Reitter and Jochen Hoenicke.
For more information about this firmware update see also this blog.
21 March 2018 - Firmware update 1.6.1 (Trezor One)[edit]
Incident: STM32F205 chip issue
Detail: The bootloader memory write-protection is not working as intended in the STM32F205, which is used in the Trezor One. The issue was solved by activating the Memory Protection Unit, keeping the bootloader safe from unauthorized write-access.
This vulnerability was reported by Saleem Rashid and was fixed in 35 days.
For more information about this firmware update see also this blog and trezor security past incidents timeline
16 August 2017 - Firmware update 1.5.2 (Trezor One)[edit]
Incident: SRAM memory access
Detail: The SRAM was not cleared on soft reset, allowing extraction using special firmware and direct access to the device board.
This vulnerability was reported by Sunny and was fixed in 8 days.
For more information about this firmware update see also this blog and trezor security past incidents timeline
26 March 2015 - Firmware update 1.3.3 (Trezor One)[edit]
Incident: Possible key extraction with an oscilloscope
Detail: With physical access to the device and an oscilloscope, the private key could have been extracted from the device.
This vulnerability was reported by Jochen Hoenicke and was fixed in 4 days.
For more information see also this trezor security past incidents timeline
23 February 2015 - Firmware update 1.3.1 (Trezor One)[edit]
Incident: SpendMultisig malicious change in transaction
Detail: A specially crafted multisig transaction could contain a change output of an attacker, which wasn't confirmed by the user.
This vulnerability was reported by Nicolas Bacca and was fixed in 1 day.
For more information see also this trezor security past incidents timeline
30 July 2014 - Firmware update 1.2.0 (Trezor One)[edit]
Incident: Malicious ScriptSig in transaction
Detail: A specially crafted transaction could extract the private key. Knowledge of PIN and passphrase was required.
This vulnerability was reported by Nicolas Bacca and was fixed in 4 hours.
For more information see also this trezor security past incidents timeline
