GHSA-25pw-4h6w-qwvm

Описание

Summary

In openclaw@2026.2.25, BlueBubbles group authorization could incorrectly treat DM pairing-store identities as group allowlist identities when dmPolicy=pairing and groupPolicy=allowlist.

A sender that was only DM-paired (not explicitly present in groupAllowFrom) could pass group sender checks for message and reaction ingress.

Per OpenClaw's SECURITY.md trust model, this is a constrained authorization-consistency issue, not a multi-tenant boundary bypass or host-privilege escalation.

Affected Packages / Versions

• Package: openclaw (npm)
• Latest published npm version at triage time: 2026.2.25
• Affected versions: <= 2026.2.25
• Patched versions: >= 2026.2.26 (planned next release)

Technical Details

Root cause was DM/group allowlist composition where DM pairing-store identities could flow into group authorization decisions.

Fix approach:

• centralize DM/group authorization composition via shared resolvers
• remove local DM/group list recomposition at channel callsites
• add cross-channel regression coverage for message + reaction ingress
• add CI guard to block future pairing-store leakage into group auth composition

Impact

• Affects deployments using BlueBubbles with groupPolicy=allowlist and dmPolicy=pairing when pairing-store entries are present.
• Could allow DM-authorized identities to be treated as group-authorized without explicit groupAllowFrom membership.
• Does not bypass gateway auth, sandbox boundaries, or create new host-level privilege beyond existing DM authorization.

Fix Commit(s)

• 051fdcc428129446e7c084260f837b7284279ce9

Release Process Note

patched_versions is pre-set to the planned next release (2026.2.26) so once npm 2026.2.26 is published, this advisory can be published without further content edits.

OpenClaw thanks @tdjackey for reporting.