Lucene search

K
almalinuxAlmaLinuxALSA-2022:0370
HistoryFeb 01, 2022 - 8:13 p.m.

Moderate: cryptsetup security update

2022-02-0120:13:30
errata.almalinux.org
18
cryptsetup
security update
encryption
header rewrite
vulnerability
cve-2021-4122
cvss score

CVSS3

4.3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

30.2%

The cryptsetup packages provide a utility for setting up disk encryption using the dm-crypt kernel module.

Security Fix(es):

  • cryptsetup: disable encryption via header rewrite (CVE-2021-4122)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVSS3

4.3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

EPSS

0.001

Percentile

30.2%