CVE-2020-14382
CVE-2020-14382 affects cryptsetup 2.2.0 where LUKS2 header validation in lib/luks2/luks2_json_metadata.c hdr_validate_segments may overflow memory allocation for intervals due to missing overflow checks in intervals = malloc(first_backup * sizeof(*intervals)). This can allow reading data from a c...