80 matches found
DEBIAN-CVE-2019-13178
modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set...
DEBIAN-CVE-2019-13179
Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...
CVE-2019-13179
Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...
UBUNTU-CVE-2019-13178
modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set...
Race condition
modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set...
CVE-2019-13179
Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...
CVE-2019-13178
modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set...
UBUNTU-CVE-2019-13179
Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...
CVE-2019-13179
Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...
CVE-2019-13179
CVE-2019-13179 affects Calamares versions 3.1 to 3.2.10. The root cause is that Calamares copies the LUKS keyfile at /crypto_keyfile.bin (mode 0600, root-owned) into /boot inside a globally readable initramfs image, making the key accessible to any user and exposing decryption keys for LUKS conta...
CVE-2019-13179
Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...
Improper Permissions For Directory And File Restrictions
glib uses improper permissions for directory and file restrictions. Directories are created using less restrictive permissions for directory and file using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE,...
CVE-2019-13012
The keyfile settings backend in GNOME GLib aka glib2.0 before 2.60.0 creates directories using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE, GFILECREATEREPLACEDESTINATION, NULL, NULL, NULL. Consequently, it does n...
DEBIAN-CVE-2019-13012
The keyfile settings backend in GNOME GLib aka glib2.0 before 2.60.0 creates directories using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE, GFILECREATEREPLACEDESTINATION, NULL, NULL, NULL. Consequently, it does n...
Null pointer dereference
The keyfile settings backend in GNOME GLib aka glib2.0 before 2.60.0 creates directories using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE, GFILECREATEREPLACEDESTINATION, NULL, NULL, NULL. Consequently, it does n...
CVE-2019-13012
The keyfile settings backend in GNOME GLib aka glib2.0 before 2.60.0 creates directories using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE, GFILECREATEREPLACEDESTINATION, NULL, NULL, NULL. Consequently, it does n...
CVE-2019-13012
The keyfile settings backend in GNOME GLib aka glib2.0 before 2.60.0 creates directories using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE, GFILECREATEREPLACEDESTINATION, NULL, NULL, NULL. Consequently, it does n...
CVE-2019-13012
CVE-2019-13012 affects GNOME GLib (glib2.0). The keyfile settings backend before 2.60.0 creates directories with 0777 permissions and files with default permissions due to improper restriction, enabling potential exposure of sensitive data. This is tied to g_file_make_directory_with_parents and g...
VSHG - Hardware resistance & enhanced security for GnuPG
VSHG aims to provide a memory / hardware resistant reinforcement to GnuPG's standared s2k key-derivation-function + a simplified interface for symmetric encryption . About VSHG VSHG Very secure hash generator is a standalone Addon for GnuPG Gnu privacy guard . It is written as a shell script and ...
Hardware resistance & enhanced security for GnuPG
VSHG aims to provide a memory / hardware resistant reinforcement to GnuPG’s standard s2k key-derivation-function + a simplified interface for symmetric encryption . VSHG Very secure hash generator is a standalone Addon for GnuPG Gnu privacy guard . It is written as a shell script and is designed...