USN-5286-1
- Source
- https://ubuntu.com/security/notices/USN-5286-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5286-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-5286-1
- Related
- Published
- 2022-02-15T15:20:44.154680Z
- Modified
- 2022-02-15T15:20:44.154680Z
- Summary
- cryptsetup vulnerability
- Details
-
Milan Broz discovered that cryptsetup incorrectly handled LUKS2 reencryption recovery. An attacker with physical access to modify the encrypted device header may trigger the device to be unencrypted the next time it is mounted by the user.
On Ubuntu 20.04 LTS, this issue was fixed by disabling the online reencryption feature.
- References
Affected packages
Ubuntu:20.04:LTS / cryptsetup
Package
- Name
- cryptsetup
- Purl
- pkg:deb/ubuntu/cryptsetup?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2:2.2.2-3ubuntu2.4
Affected versions
2:2.*
2:2.2.0-3ubuntu1
2:2.2.1-1ubuntu1
2:2.2.2-1ubuntu1
2:2.2.2-2ubuntu1
2:2.2.2-3ubuntu1
2:2.2.2-3ubuntu2
2:2.2.2-3ubuntu2.2
2:2.2.2-3ubuntu2.3
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "2:2.2.2-3ubuntu2.4",
"binary_name": "cryptsetup"
},
{
"binary_version": "2:2.2.2-3ubuntu2.4",
"binary_name": "cryptsetup-bin"
},
{
"binary_version": "2:2.2.2-3ubuntu2.4",
"binary_name": "cryptsetup-bin-dbgsym"
},
{
"binary_version": "2:2.2.2-3ubuntu2.4",
"binary_name": "cryptsetup-dbgsym"
},
{
"binary_version": "2:2.2.2-3ubuntu2.4",
"binary_name": "cryptsetup-initramfs"
},
{
"binary_version": "2:2.2.2-3ubuntu2.4",
"binary_name": "cryptsetup-run"
},
{
"binary_version": "2:2.2.2-3ubuntu2.4",
"binary_name": "cryptsetup-udeb"
},
{
"binary_version": "2:2.2.2-3ubuntu2.4",
"binary_name": "libcryptsetup-dev"
},
{
"binary_version": "2:2.2.2-3ubuntu2.4",
"binary_name": "libcryptsetup12"
},
{
"binary_version": "2:2.2.2-3ubuntu2.4",
"binary_name": "libcryptsetup12-dbgsym"
},
{
"binary_version": "2:2.2.2-3ubuntu2.4",
"binary_name": "libcryptsetup12-udeb"
}
]
}