PT-2025-46723 · Duckdb · Duckdb

Published: 2025-11-12 · Updated: 2025-11-13 · CVE-2025-64429

CVSS v4.0: 6.9 (Medium)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: DuckDB versions 1.4.0 through 1.4.1

Description: DuckDB, a SQL database management system, contains several issues in the block-based encryption implementation introduced in version 1.4.0. The system can fall back to an insecure random number generator (pcg32) for cryptographic key or IV generation. The compiler may remove the memset() call used to clear keys from memory, potentially leaving key material on the heap. An attacker could modify the database header to downgrade the encryption mode from GCM to CTR, bypassing integrity checks. The return value of the OpenSSL RAND_bytes() call may not be checked. Exploitation could allow an attacker to use public IVs to compromise the internal state of the RNG, determine the randomly generated keys used to encrypt temporary files, obtain cryptographic keys if they have access to process memory, circumvent GCM integrity checks, and/or influence the OpenSSL random number generator.

Recommendations: Versions prior to 1.4.2 are affected. Update to version 1.4.2 or later, which disables the insecure random number generator and uses secure MbedTLS primitives to clear memory. Additionally, ensure that ciphers without integrity checks, such as CTR, are used only when explicitly specified on ATTACH.
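An added example (not DuckDB or MbedTLS code) of the memset() problem named in the description and the kind of zeroization primitive the fix switched to: the naive clear beside a volatile-store wipe that the optimizer cannot remove. The 32-byte key value is constructed for the demonstration.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Vulnerable pattern: after the key's last use, memset() writes memory that is
 * never read again. Under the as-if rule the compiler may treat it as a dead
 * store and delete it, so the key bytes stay on the heap until reused. */
void clear_key_naive(uint8_t *key, size_t len) {
    memset(key, 0, len);
}

/* Hardened pattern: stores through a volatile pointer are observable side
 * effects and must be emitted. This is the same idea behind
 * mbedtls_platform_zeroize() and explicit_bzero(). */
void secure_zero(void *buf, size_t len) {
    volatile uint8_t *p = (volatile uint8_t *)buf;
    while (len--) {
        *p++ = 0;
    }
}

/* Returns 1 if every byte of buf is zero, 0 otherwise. */
int all_zero(const uint8_t *buf, size_t len) {
    uint8_t acc = 0;
    for (size_t i = 0; i < len; i++) {
        acc |= buf[i];
    }
    return acc == 0;
}

/* Places a constructed 32-byte key on the heap, wipes it with secure_zero(),
 * and returns 1 if no key byte survived. Reading the buffer afterwards is
 * something a real key-handling path never does; it is here only to verify. */
int key_is_wiped_after_secure_zero(void) {
    static const uint8_t constructed_key[32] = {
        0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04,
        0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
        0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14,
        0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c };
    uint8_t *key = malloc(sizeof constructed_key);
    if (key == NULL) {
        return 0;
    }
    memcpy(key, constructed_key, sizeof constructed_key);
    secure_zero(key, sizeof constructed_key);
    int wiped = all_zero(key, sizeof constructed_key);
    free(key);
    return wiped;
}
```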

Weakness Enumeration: Use of a Broken Cryptographic Algorithm

Related Identifiers

CVE-2025-64429
GHSA-VMP8-HG63-V2HP
PYSEC-2025-112

Affected Products

Duckdb