diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-01-14 05:24:07 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-01-14 17:59:55 +0100 |
commit | d4f4bf11e34db496e8f46f7b4f67b886ce852495 (patch) | |
tree | d6b123f8be106078b2c912095d95479d8c592ed9 /EFI | |
parent | 1d3ade18ad1e71f28678eca06d96fe4dbaf8dedc (diff) | |
download | current-d4f4bf11e34db496e8f46f7b4f67b886ce852495.tar.gz |
Fri Jan 14 05:24:07 UTC 202220220114052407
a/cryptsetup-2.4.3-x86_64-1.txz: Upgraded.
This update addresses a multi-step attack on LUKS2 format by orchestrating
LUKS2 reencryption metadata in existing LUKS2 header. An attacker is able to
trigger permanent data decryption (ciphertext->plaintext transformation) on
part of data device on next LUKS2 device activation. Attacker does _not_
have to know passphrase or decrypted volume encryption key.
cryptsetup versions older than 2.2.0 are not affected by this, because they
do not support online LUKS2 reencryption.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4122
(* Security fix *)
Diffstat (limited to 'EFI')
0 files changed, 0 insertions, 0 deletions