CVE-2022-1197 - The Thunderbird Revoked Key Import Bug Explained

Thunderbird is a very popular open-source email client that millions of people trust for sending and receiving emails securely. In early 2022, security researchers discovered a surprising vulnerability affecting how Thunderbird handled revoked cryptographic keys, which let attackers potentially abuse previously compromised keys. This post breaks down CVE-2022-1197, how it works, what was at risk, and how you can protect yourself.

What is CVE-2022-1197?

CVE-2022-1197 is a vulnerability in Thunderbird (all versions _before_ 91.8) where the email client failed to correctly update imported GPG/PGP keys if those keys had been revoked specifically due to *key compromise*.

If a user previously imported someone’s public key and that key became compromised (for example, stolen or leaked), the owner would “revoke” the key and publish this revocation certificate with the reason “key compromise”. But Thunderbird would not update the existing key as revoked if the key’s owner cited this specific reason. If another revocation reason was used (like “retiring key” or “no longer used”), Thunderbird updated the key correctly.

This means that _even after being revoked for security,_ compromised keys still appeared valid to Thunderbird users. Attackers could take advantage of this by using revoked keys to impersonate others or decrypt sensitive messages.

Let's break it down step by step

### 1. Alice generates a GPG/PGP key and shares it publicly.

```shell
gpg --gen-key
```

### 2. Bob imports Alice's public key into Thunderbird.

### 3. Alice discovers her private key is compromised. She creates a revocation certificate with reason 'key compromise'.

```shell
gpg --edit-key alice@example.com
gpg> revkey
# Answer the prompts: revoke the entire key, then choose
# "1 = Key has been compromised" as the reason
gpg> save
# Export the now-revoked public key so it can be shared with contacts
gpg --export --armor alice@example.com > alice-revoked.asc
```

As a result, when Bob imports the updated key (now carrying the revocation), his copy of Alice's key remains "active" and valid!

- If Alice had revoked for “retired” or no reason, Bob’s Thunderbird updates and marks the key as revoked.

Below is a pseudocode representation of the logic error, written as a small runnable Python model of the behaviour described above (not Thunderbird's source):

```python
def mark_key_as_revoked(key):
    key["revoked"] = True

def on_revocation_imported(key, revocation_reason):
    # Only revocations with a non-compromise reason update the stored key
    if revocation_reason != "key compromise":
        mark_key_as_revoked(key)
    else:
        # Do nothing; key remains valid (vulnerable behavior!)
        pass
```
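To make the difference concrete, here is an added example (not Thunderbird's code) that parses the body of an OpenPGP "Reason for Revocation" signature subpacket, where the "key compromise" reason is code 0x02, and runs the same revocation through the vulnerable logic and the corrected logic side by side. The fingerprint and the sample subpacket bytes are constructed placeholders.

```python
# Added example, not Thunderbird's code: a model of the CVE-2022-1197 logic error.
# The reason comes from an OpenPGP "Reason for Revocation" signature subpacket
# (type 29, RFC 4880 section 5.2.3.23): one reason-code byte followed by UTF-8 text.
from dataclasses import dataclass
from typing import Optional, Tuple

REASON_NAMES = {0x00: "no reason", 0x01: "superseded",
                0x02: "key compromise", 0x03: "retired"}

def parse_reason_subpacket(body: bytes) -> Tuple[int, str]:
    """Split a type-29 subpacket body into (reason code, free-text note)."""
    if not body:
        raise ValueError("empty Reason for Revocation subpacket")
    return body[0], body[1:].decode("utf-8", errors="replace")

@dataclass
class StoredKey:
    fingerprint: str          # constructed placeholder, not a real key
    revoked: bool = False
    revocation_reason: Optional[str] = None

def import_revocation_vulnerable(key: StoredKey, reason_code: int) -> bool:
    """Pre-91.8 behaviour described in the post: a compromise revocation is ignored."""
    if reason_code != 0x02:
        key.revoked = True
        key.revocation_reason = REASON_NAMES.get(reason_code, "unknown")
    # else: nothing is updated and the compromised key still looks valid
    return key.revoked

def import_revocation_fixed(key: StoredKey, reason_code: int) -> bool:
    """Post-91.8 behaviour: every revocation marks the key revoked, whatever the reason."""
    key.revoked = True
    key.revocation_reason = REASON_NAMES.get(reason_code, "unknown")
    return key.revoked

# Constructed sample subpacket body: code 0x02 (compromised) plus a free-text note
SAMPLE_COMPROMISED = b"\x02" + "private key leaked".encode("utf-8")

def demo(body: bytes = SAMPLE_COMPROMISED) -> dict:
    """Run one revocation through both code paths and report what each did."""
    code, note = parse_reason_subpacket(body)
    vulnerable_key = StoredKey("ALICE-FINGERPRINT-PLACEHOLDER")
    fixed_key = StoredKey("ALICE-FINGERPRINT-PLACEHOLDER")
    return {
        "reason": REASON_NAMES.get(code, "unknown"),
        "note": note,
        "vulnerable_marks_revoked": import_revocation_vulnerable(vulnerable_key, code),
        "fixed_marks_revoked": import_revocation_fixed(fixed_key, code),
    }

if __name__ == "__main__":
    print(demo())  # vulnerable_marks_revoked: False, fixed_marks_revoked: True
```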

Who was affected?

- Anyone running Thunderbird before version 91.8
- Anyone relying on GPG/PGP-encrypted email and key management inside Thunderbird

Attack scenario

1. Alice's private key is compromised (for example, stolen or leaked).
2. Alice revokes her key with the "key compromise" reason.
3. Bob (the recipient) imports the revocation certificate into Thunderbird before updating his client.
4. Thunderbird fails to flag the key as revoked, so Bob thinks everything's safe.
5. An attacker holding the compromised key can still decrypt messages, or send spoofed, signed emails posing as Alice.

Patched in: Thunderbird 91.8

- Bugzilla entry: https://bugzilla.mozilla.org/show_bug.cgi?id=1763191
- NVD advisory

Patch Summary:  
Thunderbird now *correctly* marks keys as revoked regardless of the revocation reason.

How to protect yourself

- Update Thunderbird to version 91.8 or later.
- Encourage contacts to generate new keys if theirs were ever compromised.
- Check the status of any key you know has been revoked (see the tip below).

> Tip: To view the status of a key in Thunderbird,
> 1. Go to Account Settings > End-to-End Encryption
> 2. Click 'View Keys'
> 3. Find your contact and ensure the key shows as “revoked” if you’re aware it’s been compromised.

Further Reading

- Mozilla Security Advisory
- Thunderbird Release Notes 91.8.
- NVD entry for CVE-2022-1197
- Bugzilla discussion

Summary

CVE-2022-1197 exposed a dangerous hole in Thunderbird's handling of revoked encryption keys. For anyone relying on OpenPGP encryption in email, keeping Thunderbird up to date is essential, especially when revocation is your only recourse after a key compromise. Stay vigilant, stay patched, and always verify your keyrings if you hear about a contact's key being revoked.

Feel free to share this article or check your Thunderbird version today!

Timeline

Published on: 12/22/2022 20:15:00 UTC
Last modified on: 12/29/2022 16:40:00 UTC