Security:Important security updates
Important security updates are updates to Trezor device firmware released by SatoshiLabs that improve security for Trezor users.
History of Trezor important security firmware updates:
7 August 2019 - Firmware update 1.8.2 (Trezor One)
The firmware update addresses a side-channel attack discovered by Christian Reitter which affects devices with row-based OLED displays. An attacker could potentially craft a USB cable (or replace a part of the embedded USB connector) to measure the power consumption of the screen while sensitive data is displayed.
To mitigate the issue, a Trezor running firmware 1.8.2 (or newer) illuminates pixels on the screen whenever potentially sensitive information (PIN matrix, seed words) is displayed, so that the power consumption no longer reveals what is being shown.
For more information about this firmware update see also Details of the OLED Vulnerability and its Mitigation.
18 December 2018 - Firmware update 1.7.2 (Trezor One)
The firmware update fixes a security issue in the U2F subsystem that we discovered internally on November 26th. Several other vendors were also affected by this issue, which influenced aspects of the disclosure process. The C/C++ reference implementation for U2F by Yubico contained a broken struct definition which could leak bytes from RAM via USB. The bug was fixed by replacing the structure definition with a correct one. It was found during research by Christian Reitter in coordination with Dr Jochen Hoenicke and was disclosed immediately.
For more information about this firmware update see also Details about the security updates in Trezor One firmware 1.7.2.
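To illustrate the class of bug described above (a response struct whose in-memory layout does not match the wire format, so copying it out over USB ships padding bytes from RAM), here is an added C example; it is neither Yubico's nor Trezor's code, and the response layout, the names init_resp_t, INIT_RESP_WIRE_LEN and serialize_init_resp are hypothetical. It shows the layout check that would catch such a definition and the field-by-field serialisation into a zeroed report that rules the leak out.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define HID_REPORT_SIZE 64       /* one USB HID report */
#define INIT_RESP_WIRE_LEN 14    /* bytes the (hypothetical) protocol defines for this response */
/* Hypothetical device response (not the U2F specification's own struct): an
 * 8-byte nonce, 32-bit channel id, version byte, flags byte. The wire format is
 * 14 bytes, but the compiler pads the struct to 16, so memcpy(report, &r, sizeof r)
 * would ship two bytes of whatever RAM happened to sit in the padding. */
typedef struct {
    uint8_t  nonce[8];
    uint32_t cid;
    uint8_t  version;
    uint8_t  flags;
} init_resp_t;
/* 1 when sizeof() and the wire length disagree, i.e. a raw struct copy would
 * leak. In production this belongs in a _Static_assert; as a function it can be
 * checked at run time here. */
int struct_would_leak(void) { return sizeof(init_resp_t) != INIT_RESP_WIRE_LEN; }
/* Field-by-field serialisation into a report that is zeroed first, so stale
 * memory never reaches the USB layer. Returns bytes written, 0 on error. */
size_t serialize_init_resp(const init_resp_t *r, uint8_t *report, size_t len) {
    if (len < INIT_RESP_WIRE_LEN) return 0;
    memset(report, 0, len);
    size_t off = 0;
    memcpy(report + off, r->nonce, sizeof r->nonce);
    off += sizeof r->nonce;
    report[off++] = (uint8_t)(r->cid >> 24);   /* channel id, big-endian */
    report[off++] = (uint8_t)(r->cid >> 16);
    report[off++] = (uint8_t)(r->cid >> 8);
    report[off++] = (uint8_t)(r->cid);
    report[off++] = r->version;
    report[off++] = r->flags;
    return off;
}

/* Constructed check: pre-fill the report with 0xAA to stand in for stale RAM,
 * serialize a sample response and confirm that only the 14 defined bytes are
 * non-zero. Returns 1 on success, 0 on any leak or layout error. */
int sample_report_is_clean(void) {
    uint8_t report[HID_REPORT_SIZE];
    memset(report, 0xAA, sizeof report);
    init_resp_t r = { {1, 2, 3, 4, 5, 6, 7, 8}, 0xDEADBEEFu, 2, 0x01 };
    size_t n = serialize_init_resp(&r, report, sizeof report);
    if (n != INIT_RESP_WIRE_LEN || report[8] != 0xDE || report[11] != 0xEF) return 0;
    for (size_t i = n; i < sizeof report; ++i)
        if (report[i] != 0) return 0;
    return 1;
}
```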
29 October 2018 - Firmware update 1.7.1 (Trezor One)
The firmware update implements fixes to vulnerabilities found in the bech32_decode and cash_decode functions. Christian Reitter and Dr Jochen Hoenicke disclosed the vulnerabilities on 26th September 2018 and 24th October 2018, respectively.
While not affecting the security of protected data, these vulnerabilities could potentially open possibilities for a denial-of-service-type attack, which would turn the device off.
For more information about this firmware update see also Details about the security updates in Trezor One firmware 1.7.1.
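The page does not describe the decoder flaws themselves, so as an added illustration (not trezor-crypto's code) here is a BIP173 Bech32 decoder written so that every length and separator check runs before any buffer is written, which is the property a device needs to turn a malformed address into a clean error instead of a crash. The constant BECH32_MAX_LEN and the wrapper bech32_data_len are this example's own names.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
#define BECH32_MAX_LEN 90  /* BIP173 upper bound; also the size of every buffer below */
static const char CHARSET[] = "qpzry9x8gf2tvdw0s3jn54khce6mua7l";
static uint32_t polymod_step(uint32_t pre) {
    uint32_t b = pre >> 25;
    return ((pre & 0x1ffffff) << 5) ^ (-((b >> 0) & 1) & 0x3b6a57b2u)
        ^ (-((b >> 1) & 1) & 0x26508e6du) ^ (-((b >> 2) & 1) & 0x1ea119fau)
        ^ (-((b >> 3) & 1) & 0x3d4233ddu) ^ (-((b >> 4) & 1) & 0x2a1462b3u);
}
/* Decodes into hrp (NUL-terminated) and data (5-bit groups, checksum stripped);
 * both buffers hold BECH32_MAX_LEN bytes. All length and separator checks run
 * before the first buffer write, so hostile input yields false, never an OOB access. */
bool bech32_decode_checked(char *hrp, uint8_t *data, size_t *data_len, const char *input) {
    size_t len = strlen(input), sep = 0;
    if (len < 8 || len > BECH32_MAX_LEN) return false;
    for (size_t i = len; i > 0; --i)                 /* find the last '1' separator */
        if (input[i - 1] == '1') { sep = i - 1; break; }
    if (sep == 0 || sep + 7 > len) return false;     /* empty hrp or fewer than 6 checksum chars */
    bool lower = false, upper = false;
    uint32_t chk = 1;
    for (size_t i = 0; i < sep; ++i) {
        unsigned char c = (unsigned char)input[i];
        if (c < 33 || c > 126) return false;
        if (c >= 'a' && c <= 'z') lower = true;
        if (c >= 'A' && c <= 'Z') { upper = true; c += 'a' - 'A'; }
        hrp[i] = (char)c;
        chk = polymod_step(chk) ^ (c >> 5);
    }
    hrp[sep] = '\0';
    chk = polymod_step(chk);
    for (size_t i = 0; i < sep; ++i) chk = polymod_step(chk) ^ ((uint8_t)hrp[i] & 0x1f);
    *data_len = 0;
    for (size_t i = sep + 1; i < len; ++i) {
        unsigned char c = (unsigned char)input[i];
        if (c >= 'a' && c <= 'z') lower = true;
        if (c >= 'A' && c <= 'Z') { upper = true; c += 'a' - 'A'; }
        const char *p = strchr(CHARSET, c);
        if (p == NULL) return false;                 /* character outside the alphabet */
        chk = polymod_step(chk) ^ (uint32_t)(p - CHARSET);
        if (i + 6 < len) data[(*data_len)++] = (uint8_t)(p - CHARSET);   /* last 6 = checksum */
    }
    return !(lower && upper) && chk == 1;            /* reject mixed case; checksum must verify */
}
/* Convenience wrapper: number of data groups, or -1 when the string is rejected. */
int bech32_data_len(const char *input) {
    char hrp[BECH32_MAX_LEN]; uint8_t data[BECH32_MAX_LEN]; size_t n = 0;
    return bech32_decode_checked(hrp, data, &n, input) ? (int)n : -1;
}
```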
30 August 2018 - Firmware update 1.6.3 (Trezor One)
This update expanded the scope of firmware update 1.6.1. The vulnerability was reported by Sunny: the security fix in firmware 1.6.1 could be extended to cover another attack vector of the same type.
SatoshiLabs therefore made the MPU rules stricter in this update, preventing another class of potential attacks. To reflect the improvements, this firmware update updates the bootloader as well.
For more information about this firmware update see also Trezor One firmware update 1.6.3.
25 June 2018 - Firmware updates 1.6.2 (Trezor One)
The firmware update contained security improvements contributed by Christian Reitter and Jochen Hoenicke.
For more information about this firmware update see also June updates Trezor One firmware wallet, Zcash, CashAddr, Doge.
21 March 2018 - Firmware update 1.6.1 (Trezor One)
Incident: STM32F205 chip issue
Detail: The bootloader memory write-protection did not work as intended in the STM32F205, which is used in the Trezor One. The issue was solved by activating the Memory Protection Unit (MPU), keeping the bootloader safe from unauthorized write access.
This vulnerability was reported by Saleem Rashid and was fixed in 35 days.
For more information about this firmware update see also Trezor One firmware update 1.6.1 and Trezor security updates timeline.
16 August 2017 - Firmware update 1.5.2 (Trezor One)
Incident: SRAM memory access
Detail: The SRAM was not cleared on soft reset, allowing its contents to be extracted using special firmware and direct access to the device board.
This vulnerability was reported by Sunny and was fixed in 8 days.
For more information about this firmware update see also Trezor firmware security update 1.5.2 and Trezor security updates timeline.
26 March 2015 - Firmware update 1.3.3 (Trezor One)
Incident: Possible key extraction with an oscilloscope
Detail: With physical access to the device and an oscilloscope, the private key could have been extracted from the device.
This vulnerability was reported by Jochen Hoenicke and was fixed in 4 days.
For more information see also Trezor security updates timeline.
23 February 2015 - Firmware update 1.3.1 (Trezor One)
Incident: SpendMultisig malicious change in transaction
Detail: A specially crafted multisig transaction could contain an attacker's change output which was not confirmed by the user.
This vulnerability was reported by Nicolas Bacca and was fixed in 1 day.
For more information see also Trezor security updates timeline.
30 July 2014 - Firmware update 1.2.0 (Trezor One)
Incident: Malicious ScriptSig in transaction
Detail: A specially crafted transaction could extract the private key. Knowledge of PIN and passphrase was required.
This vulnerability was reported by Nicolas Bacca and was fixed in 4 hours.
For more information see also Trezor security updates timeline.