VYPR

Geli

by Pawel Jakub Dawidek

CVEs (2)

  • CVE-2023-0751Feb 8, 2023
    risk 0.00cvss epss 0.01

    When GELI reads a key file from standard input, it does not reuse the key file to initialize multiple providers at once resulting in the second and subsequent devices silently using a NULL key as the user key file. If a user only uses a key file without a user passphrase, the…

  • CVE-2012-4578Aug 21, 2012
    risk 0.00cvss epss 0.00

    The geli encryption provider 7 before r239184 on FreeBSD 10 uses a weak Master Key, which makes it easier for local users to defeat a cryptographic protection mechanism via a brute-force attack.