rpm package
opensuse/cryptsetup&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/cryptsetup&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-4122 | — | < 2.4.3-1.1 | 2.4.3-1.1 | Aug 24, 2022 | It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryptio | ||
| CVE-2020-14382 | — | < 2.4.1-1.1 | 2.4.1-1.1 | Sep 16, 2020 | A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2_json_metada |
- CVE-2021-4122Aug 24, 2022affected < 2.4.3-1.1fixed 2.4.3-1.1
It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryptio
- CVE-2020-14382Sep 16, 2020affected < 2.4.1-1.1fixed 2.4.1-1.1
A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2_json_metada