EUVD-2009-3262

Malware in sbrugna...

CVE-2023-36476

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted /boot, on either non-UEFI systems or with a LU...

CVE-2023-36476 `calamares-nixos-extensions` LUKS keyfile exposure

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted /boot, on either non-UEFI systems or with a LU...

Product update: Virtuozzo 7.0 Update 12 (7.0.12-328)

The Update 12 for Virtuozzo 7.0 provides new features as well as stability and usability bug fixes. It also introduces a new kernel 3.10.0-1062.4.2.vz7.116.6. Vulnerability id: PSBM-96303 Unable to restore LUKS partition from backup if source image format is not specified. Vulnerability id:...

openSUSE Security Update : grub2 (openSUSE-2016-10)

Fix buffer overflows when reading username and password. bsc956631, CVE-2015-8370 - Check MS-DOS header to find PE file header. bsc954126 - Use dirname for copying Xen kernel and initrd to esp. bsc955493 - Fix reading password by grub2-mkpasswd-pbdk2 without controlling tty. bsc954519 - Add luks,...

Security update for grub2 (important)

Fix buffer overflows when reading username and password. bsc956631, CVE-2015-8370 - Check MS-DOS header to find PE file header. bsc954126 - Use dirname for copying Xen kernel and initrd to esp. bsc955493 - Fix reading password by grub2-mkpasswd-pbdk2 without controlling tty. bsc954519 - Add luks,...

Information disclosure

The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create a LUKS partition by using the AES-256 cipher in plain CBC mode, which allows local users to obtain sensitive information via a watermark attack...

CVE-2009-3279

The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 create a LUKS partition by using the AES-256 cipher in plain CBC mode, which allows local users to obtain sensitive information via a watermark attack...

CVE-2009-3279

CVE-2009-3279 (and related CVE-2009-3200) affects QNAP TS-239 Pro/TS-639 Pro firmwares 2.1.7 0613, 3.1.0 0627, 3.1.1 0815: it creates a LUKS partition using AES-256 in plain CBC, enabling local users to obtain sensitive information via a watermark attack; an undocumented recovery key stored in fl...

cryptsetup can't destroy last key of a LUKS partition under Ubuntu/Debian

Hello everyone, I noticed last week that the Debian packaged version of cryptsetup has a little limitation, which could be a security issue for people who have to destroy their data forever. It is impossible to destroy a keyslot when you used it to unlock the master key. I reported the bug to...