Bug 506889

Summary: Task injection vulnerability in Krita
Product: [Applications] krita    Reporter: Victor Souza <souza_comz>
Component: General    Assignee: Krita Bugs <krita-bugs-null>
Status: RESOLVED WORKSFORME
Severity: normal    CC: ghevan, halla
Priority: NOR
Version First Reported In: 5.2.9
Target Milestone: ---
Platform: macOS (DMG)
OS: macOS
Latest Commit:    Version Fixed In:
Sentry Crash Report:
Attachments: POC-OBJC-Krita-Injection

Description Victor Souza 2025-07-10 21:33:02 UTC
Created attachment 183146 [details]
POC-OBJC-Krita-Injection

SUMMARY


STEPS TO REPRODUCE
1. Run Krita (/Applications/Krita.app).
2. Save the following Objective-C code as inject_krita.m. It locates the Krita process, acquires its task port, maps memory, writes ARM64 shellcode, and creates a remote thread in the Krita process. The shellcode writes a file to /tmp/hi_krita.
3. Compile the payload: clang -framework Foundation -framework AppKit inject_krita.m -o inject_krita
4. Create an entitlements file named entitlements.plist with the following contents:
'''
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.security.get-task-allow</key>
    <true/>
</dict>
</plist>
'''
5. Sign the binary with the entitlement: codesign -s - --entitlements entitlements.plist --options runtime --force inject_krita
6. Run inject_krita
7. If successful, krita will exit and the payload will create /tmp/hi_krita with the contents pwn\n, confirming code execution inside the Krita process.
8. cat /tmp/hi_krita

OBSERVED RESULT
task_for_pid() returns KERN_SUCCESS for the Krita process.
Remote memory mapping, shellcode injection, and thread creation succeed.
The Krita process executes attacker-controlled code.


EXPECTED RESULT
Krita release builds should not include com.apple.security.get-task-allow. This entitlement is intended only for development/debugging builds.
In production, it should be removed to prevent task port abuse and unauthorized code injection by local processes.

SOFTWARE/OS VERSIONS
macOS: 15.5 (Sequoia), Apple Silicon
Linux/KDE Plasma: N/A
KDE Plasma Version: N/A
KDE Frameworks Version: N/A

ADDITIONAL INFORMATION
To verify the entitlement in the Krita binary, run:
codesign -dvvvv --entitlements - /Applications/krita.app

To disable it, just uncheck the options in the hardened runtime in Xcode.
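As an added, defender-side check (not part of this report, its attachment, or Krita's own code), the following Python script parses the output of the codesign command above and reports whether com.apple.security.get-task-allow is set in a bundle's entitlements, so the check can run in a release pipeline rather than by eye. The sample entitlement documents in it are constructed; the --xml flag passed to codesign is assumed to be available (it is on macOS 12 and later; older versions print XML without it, sometimes with a raw blob header, which the parser skips).

```python
"""Audit a macOS bundle's code-signing entitlements for get-task-allow.

Added example, not part of the bug report or of Krita. Parses the output of
`codesign -d --entitlements - --xml <bundle>` and reports whether
com.apple.security.get-task-allow is set. Sample documents are constructed.
"""
import plistlib
import subprocess

GET_TASK_ALLOW = "com.apple.security.get-task-allow"

# Raw entitlement blobs (older codesign output) start with an 8-byte header:
# magic 0xfade7171 followed by the big-endian total length of the blob.
ENTITLEMENTS_MAGIC = b"\xfa\xde\x71\x71"


def extract_plist(raw: bytes) -> bytes:
    """Return the XML plist portion of codesign's output, skipping any
    blob header or banner text that precedes it; empty if none is found."""
    start = raw.find(b"<?xml")
    if start < 0:
        start = raw.find(b"<plist")
    return raw[start:] if start >= 0 else b""


def parse_entitlements(raw: bytes) -> dict:
    """Parse entitlements into a dict; an unsigned binary or one without
    entitlements yields an empty dict."""
    body = extract_plist(raw)
    if not body:
        return {}
    parsed = plistlib.loads(body)
    return parsed if isinstance(parsed, dict) else {}


def has_get_task_allow(raw: bytes) -> bool:
    """True only when the key is present and set to <true/>."""
    return parse_entitlements(raw).get(GET_TASK_ALLOW) is True


def verdict(raw: bytes) -> str:
    """One-line finding suitable for a build-pipeline gate."""
    if has_get_task_allow(raw):
        return ("FAIL: %s is true; other processes of the same user can obtain "
                "this task port (debug-only setting)" % GET_TASK_ALLOW)
    return "OK: %s is absent or false" % GET_TASK_ALLOW


def read_entitlements(bundle_path: str) -> bytes:
    """Run codesign on a real bundle (macOS only). Assumes codesign accepts
    --xml (macOS 12 and later); on older systems drop that flag."""
    proc = subprocess.run(
        ["codesign", "-d", "--entitlements", "-", "--xml", bundle_path],
        capture_output=True, check=False)
    return proc.stdout


# Constructed samples: a debug-style entitlement file like the one in the report,
# a release-style file with the key explicitly false, and a raw blob with header.
SAMPLE_DEBUG = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.security.get-task-allow</key>
    <true/>
</dict>
</plist>
"""

SAMPLE_RELEASE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
    <key>com.apple.security.get-task-allow</key>
    <false/>
    <key>com.apple.security.cs.allow-jit</key>
    <true/>
</dict>
</plist>
"""

SAMPLE_BLOB = (ENTITLEMENTS_MAGIC
               + (8 + len(SAMPLE_DEBUG)).to_bytes(4, "big")
               + SAMPLE_DEBUG)

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        # e.g. python audit_entitlements.py /Applications/krita.app
        print(verdict(read_entitlements(sys.argv[1])))
    else:
        for name, raw in (("debug", SAMPLE_DEBUG),
                          ("release", SAMPLE_RELEASE),
                          ("blob", SAMPLE_BLOB)):
            print(name, "->", verdict(raw))
```

Run without arguments it exercises the constructed samples; with a bundle path it inspects a real signature. The check treats a key that is present but <false/> the same as an absent key, since only a true value makes task_for_pid() succeed for same-user callers.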
Comment 1 Halla Rempt 2025-07-11 10:22:28 UTC
We don't use Xcode to develop Krita, of course... This entitlement was added to make it possible for users to generate backtraces for bug reports. I'm really not sure why this should be a "vulnerability" given that you're already executing code at the same privilege level as Krita, too, on the same system?
Comment 2 Victor Souza 2025-07-11 12:29:36 UTC
(In reply to Halla Rempt from comment #1)
> We don't use Xcode to develop Krita, of course... This entitlement was
> added to make it possible for users to generate backtraces for bug reports.
> I'm really not sure why this should be a "vulnerability" given that you're
> already executing code at the same privilege level as Krita, too, on the
> same system?

Hi Halla, I totally understand what you mean. It turns out that on macOS, by default, it's common for an application to only run what's in its sandbox. Even if the attacker already has local privileges, using this entitlement significantly lowers the barrier to escalating the attack to other trusted processes (like Krita), and can be combined with other techniques to exploit user data, abuse UI spoofing, keylogging, etc. I think it's important because it's not just theoretical; the BlueNoroff APT recently used this same technique, which can be read about in the Huntress article: https://www.huntress.com/blog/inside-bluenoroff-web3-intrusion-analysis
Comment 3 vanyossi 2025-07-11 20:05:55 UTC
Does this vulnerability work on Krita from the Mac App Store, or does it only work (or was it only tested) on Krita downloaded from krita.org?
Comment 4 vanyossi 2025-07-11 20:15:58 UTC
OK, I ran the test using the sandboxed krita.app (from the store).

These are the results:

daedalus@dinamus:krita/test_files/task_allow $ ./inject_krita
2025-07-11 14:10:47.248 inject_krita[38057:3650901] [*] Searching for Krita process...
2025-07-11 14:10:47.258 inject_krita[38057:3650901] [+] Found Krita with PID: 37960
2025-07-11 14:10:47.258 inject_krita[38057:3650901] [+] Attempting to get task port...
2025-07-11 14:10:47.258 inject_krita[38057:3650901] [-] Failed to get task for pid 37960: 5 (0x5)

The entitlement does not break the sandbox.

However, it also does not work with Krita installed from our website, nor with any dev build.
I followed the exact steps from this report.

What could be missing?
Comment 5 Bug Janitor Service 2025-07-26 03:46:38 UTC
๐Ÿ›๐Ÿงน โš ๏ธ This bug has been in NEEDSINFO status with no change for at least 15 days. Please provide the requested information, then set the bug status to REPORTED. If there is no change for at least 30 days, it will be automatically closed as RESOLVED WORKSFORME.

For more information about our bug triaging procedures, please read https://community.kde.org/Guidelines_and_HOWTOs/Bug_triaging.

Thank you for helping us make KDE software even better for everyone!
Comment 6 Bug Janitor Service 2025-08-10 03:46:27 UTC
๐Ÿ›๐Ÿงน This bug has been in NEEDSINFO status with no change for at least 30 days. Closing as RESOLVED WORKSFORME.