79 matches found
EUVD-2019-4703
Malware in sbrugna...
EUVD-2019-4702
Malware in sbrugna...
EUVD-2023-40429
Malicious code in bioql PyPI...
EUVD-2024-40256
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2019-13179
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable...
Linux Distros Unpatched Vulnerability : CVE-2019-13178
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and...
CVE-2023-36476
calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted /boot, on either non-UEFI systems or with a LU...
CVE-2024-43378
calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitio...
Calamares Branding and Modules for NixOS 安全漏洞
Calamares Branding and Modules for NixOS is an open source module for NixOS. A security vulnerability exists in Calamares Branding and Modules for NixOS prior to version 0.3.17, which stems from a manual disk partition creation setting in the graphical installer, where the LUKS disk encryption ke...
CVE-2024-43378
CVE-2024-43378 concerns calamares-nixos-extensions prior to version 0.3.17, where the installer’s legacy BIOS flow could leave the LUKS keyfile in plaintext in /crypto_keyfile.bin or in a CPIO archive attached to the NixOS initrd for partitions containing / or /boot. Red Hat and CVE records summa...
CVE-2024-43378 calamares-nixos-extensions LUKS keyfile exposure regression on legacy BIOS systems
calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitio...
CVE-2024-43378 calamares-nixos-extensions LUKS keyfile exposure regression on legacy BIOS systems
calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitio...
CVE-2024-43378 calamares-nixos-extensions LUKS keyfile exposure regression on legacy BIOS systems
calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitio...
PT-2024-30540 · Unknown · Calamares-Nixos-Extensions
Name of the Vulnerable Software and Affected Versions: calamares-nixos-extensions versions prior to 0.3.17 Description: The issue affects users who installed NixOS through the graphical installer using manual disk partitioning, where the system boots via legacy BIOS, some disk partitions are...
OPENSUSE-SU-2024:10672-1 calamares-3.2.36-1.6 on GA media
These are all security issues fixed in the calamares-3.2.36-1.6 package on the GA media of openSUSE Tumbleweed...
CVE-2023-36476
calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted /boot, on either non-UEFI systems or with a LU...
Code injection
calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted /boot, on either non-UEFI systems or with a LU...
CVE-2023-36476 `calamares-nixos-extensions` LUKS keyfile exposure
calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted /boot, on either non-UEFI systems or with a LU...
CVE-2023-36476 `calamares-nixos-extensions` LUKS keyfile exposure
calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted /boot, on either non-UEFI systems or with a LU...
CVE-2023-36476
Calamares-Nixos-extensions (CVE-2023-36476) is affected: versions 0.3.12 and earlier may place the LUKS key file in /boot as a plaintext CPIO archive attached to the NixOS initrd when booting on legacy BIOS or when the LUKS partition is not the root. A patch is available and expected to be backpo...