The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.
{ "binaries": [ { "binary_version": "2:1.6.1-1ubuntu1", "binary_name": "cryptsetup" }, { "binary_version": "2:1.6.1-1ubuntu1", "binary_name": "cryptsetup-bin" }, { "binary_version": "2:1.6.1-1ubuntu1", "binary_name": "libcryptsetup4" } ] }
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-4484.json"
{ "binaries": [ { "binary_version": "2:1.6.6-5ubuntu2.1", "binary_name": "cryptsetup" }, { "binary_version": "2:1.6.6-5ubuntu2.1", "binary_name": "cryptsetup-bin" }, { "binary_version": "2:1.6.6-5ubuntu2.1", "binary_name": "libcryptsetup4" } ] }