Medium severity4.4NVD Advisory· Published Oct 15, 2025· Updated May 19, 2026
CVE-2025-11568
CVE-2025-11568
Description
A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the available space, causing the metadata to overwrite and corrupt the user's encrypted data. This action leads to a permanent loss of the stored information. Devices using the LUKS formats other than LUKS1 are not affected by this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords3 versions
< 9-4.el8_10.1+ 2 more
- (no CPE)range: < 9-4.el8_10.1
- (no CPE)range: < 9-4.el8_10.1
- (no CPE)range: < 9-4.el8_10.1
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.