The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.
{
"unresolved_ranges": [
{
"cpes": [
"cpe:2.3:a:cryptsetup_project:cryptsetup:*:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"last_affected": "2.1.7.3-2"
}
],
"vendor_product": "cryptsetup_project:cryptsetup",
"source": "CPE_RANGE"
}
]
}