CVE-2021-4122
Summary
| CVE | CVE-2021-4122 |
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-08-24 16:15:00 UTC |
| Updated | 2022-08-29 14:28:00 UTC |
| Description | It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium. |
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Red Hat Customer Portal - Access to 24x7 support and knowledge | MISC | access.redhat.com | |
| mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/v2.4/v2.4.3-ReleaseNotes | MISC | mirrors.edge.kernel.org | |
| Bug Access Denied | MISC | bugzilla.redhat.com | |
| Fix CVE-2021-4122 - LUKS2 reencryption crash recovery attack (0113ac2d) · Commits · cryptsetup / cryptsetup · GitLab | MISC | gitlab.com | |
| 2032401 – (CVE-2021-4122) CVE-2021-4122 cryptsetup: disable encryption via header rewrite | MISC | bugzilla.redhat.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 159625 Oracle Enterprise Linux Security Update for cryptsetup (ELSA-2022-0370)
- 179063 Debian Security Update for cryptsetup (DSA 5070-1)
- 182753 Debian Security Update for cryptsetup (CVE-2021-4122)
- 198664 Ubuntu Security Notification for cryptsetup Vulnerability (USN-5286-1)
- 240053 Red Hat Update for cryptsetup (RHSA-2022:0370)
- 282245 Fedora Security Update for cryptsetup (FEDORA-2022-40d0a8de5e)
- 282290 Fedora Security Update for cryptsetup (FEDORA-2022-61b55b6ebc)
- 354309 Amazon Linux Security Advisory for cryptsetup : ALAS2022-2022-174
- 354362 Amazon Linux Security Advisory for cryptsetup : ALAS2022-2022-064
- 355258 Amazon Linux Security Advisory for cryptsetup : ALAS2023-2023-027
- 377364 Alibaba Cloud Linux Security Update for cryptsetup (ALINUX3-SA-2022:0008)
- 500106 Alpine Linux Security Update for cryptsetup
- 501952 Alpine Linux Security Update for cryptsetup
- 503884 Alpine Linux Security Update for cryptsetup
- 591406 Siemens SIMATIC S7-1500 CPU GNU/Linux subsystem Multiple Vulnerabilities (SSB-439005, ICSA-22-104-13)
- 672118 EulerOS Security Update for cryptsetup (EulerOS-SA-2022-2308)
- 672145 EulerOS Security Update for cryptsetup (EulerOS-SA-2022-2411)
- 672175 EulerOS Security Update for cryptsetup (EulerOS-SA-2022-2424)
- 672482 EulerOS Security Update for cryptsetup (EulerOS-SA-2023-1029)
- 672518 EulerOS Security Update for cryptsetup (EulerOS-SA-2023-1004)
- 751628 OpenSUSE Security Update for cryptsetup (openSUSE-SU-2022:0144-1)
- 752012 SUSE Enterprise Linux Security Update for cryptsetup (SUSE-SU-2022:0144-1)
- 903769 Common Base Linux Mariner (CBL-Mariner) Security Update for cryptsetup (10697)
- 904193 Common Base Linux Mariner (CBL-Mariner) Security Update for cryptsetup (10697-1)
- 940447 AlmaLinux Security Update for cryptsetup (ALSA-2022:0370)
- 960108 Rocky Linux Security Update for cryptsetup (RLSA-2022:370)
- 960790 Rocky Linux Security Update for cryptsetup (RLSA-2022:0370)