GO-2025-4076 Constellation has insecure LUKS2 persistent storage partitions which may be opened and used in github.com/edgelesssys/constellation

Constellation has insecure LUKS2 persistent storage partitions which may be opened and used in github.com/edgelesssys/constellation...

CVE-2025-58356

Constellation uses LUKS2-encrypted volumes for persistent storage in a Confidential Kubernetes setup. The vulnerability arises when opening an encrypted device via crypt_activate_by_passhrase because cryptsetup 2.8.1 mishandles null keyslot algorithms, which can cause a volume to be opened withou...

CVE-2025-58356 Constellation allows insecure use of LUKS2 persistent storage partitions

Constellation is the first Confidential Kubernetes. The Constellation CVM image uses LUKS2-encrypted volumes for persistent storage. When opening an encrypted storage device, the CVM uses the libcryptsetup function cryptactivatebypasshrase. If the VM is successful in opening the partition with th...

CVE-2025-11568 Luksmeta: data corruption when handling luks1 partitions with luksmeta

A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the...

EUVD-2014-1119

Malware in sbrugna...

EUVD-2014-9779

Malware in sbrugna...

EUVD-2014-2057

Malware in sbrugna...

EUVD-2018-18952

Malware in sbrugna...

EUVD-2018-15473

Malware in sbrugna...

EUVD-2018-4020

Malware in sbrugna...

EUVD-2018-4021

Malware in sbrugna...

EUVD-2008-6043

Malware in sbrugna...

EUVD-2020-18825

Malware in sbrugna...

EUVD-2017-6385

Malware in sbrugna...

EUVD-2019-4703

Malware in sbrugna...

EUVD-2020-1909

Malware in sbrugna...

EUVD-2018-12899

Malware in sbrugna...

EUVD-2023-23524

Malicious code in bioql PyPI...

CVE-2025-59054 dstack has insecure LUKS2 persistent storage partitions that may be opened and used

dstack is a software development kit SDK to simplify the deployment of arbitrary containerized apps into trusted execution environments. In versions of dstack prior to 0.5.4, a malicious host may provide a crafted LUKS2 data volume to a dstack CVM for use as the /data mount. The guest will open t...

Linux Distros Unpatched Vulnerability : CVE-2020-11932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered. CVE-2020-11932 Note that Ness...