drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in cryptsetup
Name: |
Preisgabe von Informationen in cryptsetup |
|
ID: |
USN-5286-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 20.04 LTS, Ubuntu 21.10 |
|
Datum: |
Di, 15. Februar 2022, 22:37 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4122 |
|
Applikationen: |
Cryptsetup |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============8285315752681660978== Content-Language: en-CA Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------oK22qywAbDGaTh0flDScI2tT"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------oK22qywAbDGaTh0flDScI2tT Content-Type: multipart/mixed; boundary="------------UheQVPwxiiL5nbWayiTmBFxs"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> Message-ID: <5e976410-d524-a0d1-b4c6-9f207096e12a@canonical.com> Subject: [USN-5286-1] cryptsetup vulnerability
--------------UheQVPwxiiL5nbWayiTmBFxs Content-Type: text/plain; charset=UTF- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-5286-1 February 15, 2022
cryptsetup vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 21.10 - Ubuntu 20.04 LTS
Summary:
cryptsetup could be made to expose sensitive information.
Software Description: - cryptsetup: disk encryption support
Details:
Milan Broz discovered that cryptsetup incorrectly handled LUKS2 reencryption recovery. An attacker with physical access to modify the encrypted device header may trigger the device to be unencrypted the next time it is mounted by the user.
On Ubuntu 20.04 LTS, this issue was fixed by disabling the online reencryption feature.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.10: cryptsetup 2:2.3.7-0ubuntu0.21.10.1
Ubuntu 20.04 LTS: cryptsetup 2:2.2.2-3ubuntu2.4
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5286-1 CVE-2021-4122
Package Information: https://launchpad.net/ubuntu/+source/cryptsetup/2:2.3.7-0ubuntu0.21.10.1 https://launchpad.net/ubuntu/+source/cryptsetup/2:2.2.2-3ubuntu2.4
--------------UheQVPwxiiL5nbWayiTmBFxs--
--------------oK22qywAbDGaTh0flDScI2tT Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmIL3RMACgkQZWnYVadE vpMnABAAtYaPIAVnlsWbi+67PPTnXY5B4kwZ5Dkyt5mYpsvA3IppCXedEngqTdGC zjUfVvSoyq0UvgwdGd66JD3u/GTdDZVrwbNU1/2laTyJzoJENpn/NHiaBweG/7qa WRCTkjJoMMPF449b8OgsjACg1aK7N+k9vTcihyo8Txc3GneMUly+twiyy8lFGjrE n5JQKZySUmiadN9qODBTPhy04mkrAgZafwkqV89mAl/kqYV6N0TwqEtsIfnvCJnT lrVn06DaMUHhhpwRm8+ZI23osVrqEiTLoMuKE4+/88cABAfovY3P7qlrO1LEDxG7 UoZUV84PRSvty8ZYOelAkiEU5BjsWnAxtGGLanLJGMg9HuvB3yVWCncTSn93YwGd 2YI1HP5+fk2Vvcs3QFogYKwg+mpVsTkSCnlp0lGOPZsX2aMUDPTvYNyUQT0UWGTr nKTGRMtJgxRLWiRHSCi4sZxqgYKKWGk8vPXgUsAAPGcj081wvp98zO7cpOr2BvVA p14ZSTZaby6QeWYDzdjnyG+aURu39vtx75261LXXN7a0Z2tV2HxtOZlzP1npo34l f3WV6m+DG3dur4RIaOOhyk5bokmB1IpJ9ZxNmpbNZl2LmGtrQ8qT3LzAHrwdUsF6 FV7NauCLZ8EcT7HluiAZXqkgtmu87p0BgV0paqKtChVcqANw9oQ= =9qvh -----END PGP SIGNATURE-----
--------------oK22qywAbDGaTh0flDScI2tT--
--===============8285315752681660978== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============8285315752681660978==--
|
|
|
|