Ubuntu: Security Advisory (USN-4493-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-4122

It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that...

CVE-2021-4122

It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that...

DEBIAN-CVE-2021-4122

It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that...

ALPINE-CVE-2021-4122

It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that...

CVE-2021-4122

CVE-2021-4122 affects cryptsetup’s LUKS2 online reencryption feature. An attacker with repeated physical access can modify on-disk metadata to simulate decryption in progress, potentially decrypting portions of the LUKS2 device and compromising data. Debian confirms impact on LUKS2 (LUKS1 affecte...

Security Bulletin: Netcool Operations Insight v1.6.4 contains fixes for multiple security vulnerabilities.

Summary Netcool Operations Insight v1.6.4 contains fixes for multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID: CVE-2021-23450 DESCRIPTION: Dojo could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in the...

cryptsetup bug fix and enhancement update

An update is available for cryptsetup. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 8...

cryptsetup bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

ALBA-2022:2097 cryptsetup bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

AlmaLinux 8 : cryptsetup (ALSA-2022:0370)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:0370 advisory. - It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical...

OESA-2022-1532 cryptsetup security update

cryptsetup is a utility used to conveniently set up disk encryption based on the DMCrypt kernel module. Security Fixes: It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the...

Debian: Security Advisory (DSA-5070-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-5286-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5286-1: cryptsetup vulnerability

Milan Broz discovered that cryptsetup incorrectly handled LUKS2 reencryption recovery. An attacker with physical access to modify the encrypted device header may trigger the device to be unencrypted the next time it is mounted by the user. On Ubuntu 20.04 LTS, this issue was fixed by disabling th...

USN-5286-1 cryptsetup vulnerability

Milan Broz discovered that cryptsetup incorrectly handled LUKS2 reencryption recovery. An attacker with physical access to modify the encrypted device header may trigger the device to be unencrypted the next time it is mounted by the user. On Ubuntu 20.04 LTS, this issue was fixed by disabling th...

Ubuntu 20.04 LTS : cryptsetup vulnerability (USN-5286-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5286-1 advisory. Milan Broz discovered that cryptsetup incorrectly handled LUKS2 reencryption recovery. An attacker with physical access to modify the encrypted device header may...

Debian DSA-5070-1 : cryptsetup - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5070 advisory. CVE-2021-4122 Milan Broz, its maintainer, discovered an issue in cryptsetup, the disk encryption configuration tool for Linux. LUKS2 an on-disk format online reencryption ...

[SECURITY] [DSA 5070-1] cryptsetup security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5070-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez February 10, 2022 https://www.debian.org/security/faq -...

DSA-5070-1 cryptsetup - security update

Bulletin has no description...