Search CVE reports
1 – 3 of 3 results
CVE-2021-4122
Medium prioritySome fixes available 3 of 4
It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to...
1 affected package
cryptsetup
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cryptsetup | — | Fixed | Fixed | Not affected | Not affected |
CVE-2020-14382
Medium priorityA vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments...
1 affected package
cryptsetup
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cryptsetup | — | — | Fixed | Not affected | Not affected |
CVE-2016-4484
Low priorityThe Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.
1 affected package
cryptsetup
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cryptsetup | Not affected | Not affected | Not affected | Not affected | Ignored |