
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2025-64429 is a security vulnerability discovered in DuckDB's database encryption implementation, affecting versions 1.4.0 and above, and patched in version 1.4.2. The vulnerability was disclosed on November 12, 2025. The issue involves multiple weaknesses in the cryptographic implementation, including the potential use of an insecure random number generator, improper memory clearing of encryption keys, possible encryption downgrade attacks, and inadequate validation of cryptographic operations (DuckDB Advisory).
The vulnerability comprises four distinct technical issues: 1) The use of pcg32, a non-cryptographically secure random number generator with only 127 bits of internal state, for generating cryptographic keys and IVs when using the Mbed TLS implementation. 2) Usage of std::memset() for clearing cryptographic keys from memory, which could be optimized out by compilers, leaving sensitive data exposed. 3) A design flaw allowing attackers to modify database headers to downgrade encryption from GCM (with integrity checks) to CTR mode. 4) Failure to verify the return value of OpenSSL's RAND_bytes() function, potentially leading to deterministic values for IVs and keys (DuckDB Advisory).
The vulnerability could allow attackers to: 1) Compromise the internal state of the random number generator using public IVs to determine encryption keys for temporary files, 2) Access cryptographic keys through process memory if a memory leak exists, 3) Bypass GCM integrity checks through encryption downgrade attacks, and 4) Potentially influence the OpenSSL random number generator without detection, leading to predictable keys (DuckDB Advisory).
DuckDB has addressed these vulnerabilities in version 1.4.2 through several measures: 1) Disabling the insecure random number generator and requiring the OpenSSL implementation through the httpfs extension, 2) Implementing a secure Mbed TLS primitive for memory clearing, 3) Requiring explicit specification of ciphers without integrity checks, and 4) Adding proper return value checking for cryptographic operations (DuckDB Advisory).
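The following sketch is an added example, not DuckDB's code: it shows the defensive patterns behind fixes 2 to 4 in self-contained C++. The names `secure_wipe`, `fill_random`, `cipher_allowed` and the `Cipher` enum are hypothetical, and `/dev/urandom` stands in for the checked OpenSSL call.

```cpp
#include <cstddef>
#include <cstdio>

// Hypothetical cipher identifiers for this sketch, not DuckDB's own enum.
enum class Cipher { GCM, CTR };

// Zero a buffer through a volatile pointer: compilers emit volatile stores
// instead of dropping them as dead writes, which can happen to std::memset()
// on a buffer that is never read again.
void secure_wipe(void *p, std::size_t n) {
    volatile unsigned char *v = static_cast<volatile unsigned char *>(p);
    while (n--) *v++ = 0;
}

// Fill buf from the OS randomness source and fail closed: a missing source
// or short read wipes the buffer and returns false, so a caller can never
// continue with a partly filled (predictable) key or IV.
bool fill_random(unsigned char *buf, std::size_t n,
                 const char *source = "/dev/urandom") {
    std::FILE *f = std::fopen(source, "rb");
    std::size_t got = f ? std::fread(buf, 1, n, f) : 0;
    if (f) std::fclose(f);
    if (got != n) {
        secure_wipe(buf, n);
        return false;
    }
    return true;
}

// The cipher named in a file header is attacker-controlled input. A mode
// without integrity checks (CTR) is accepted only when the caller opted in
// explicitly; otherwise only GCM is allowed and a rewritten header is refused.
bool cipher_allowed(Cipher from_header, bool caller_opted_into_ctr) {
    return from_header == Cipher::GCM || caller_opted_into_ctr;
}

int main() {
    unsigned char key[32];
    if (!fill_random(key, sizeof key)) {
        std::fputs("no randomness available, refusing to create key\n", stderr);
        return 1;
    }
    std::printf("header says CTR, no opt-in -> allowed=%d\n",
                cipher_allowed(Cipher::CTR, false));
    secure_wipe(key, sizeof key);  // clear key material before it leaves scope
    return 0;
}
```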
Source: This report was generated using AI