Debian Bug report logs -
#1003686
CVE-2021-4122: cryptsetup 2.x: decryption through LUKS2 reencryption crash recovery
Package:
src:cryptsetup;
Maintainer for src:cryptsetup is Debian Cryptsetup Team <pkg-cryptsetup-devel@alioth-lists.debian.net>;
Reported by: Guilhem Moulin <guilhem@debian.org>
Date: Thu, 13 Jan 2022 ...
CVE-2021-4122
Milan Broz, its maintainer, discovered an issue in cryptsetup, the disk
encryption configuration tool for Linux.
LUKS2 (an on-disk format) online reencryption is an optional extension to
allow a user to change the data reencryption key while the data device is
available for use during the whole reencryption process ...
It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium ...
Synopsis
Moderate: OpenShift Logging bug fix and security update (535)
Type/Severity
Security Advisory: Moderate
Topic
OpenShift Logging bug fix and security update (535). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed se ...
Synopsis
Moderate: cryptsetup security update
Type/Severity
Security Advisory: Moderate
Topic
An update for cryptsetup is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as havin ...
Synopsis
Moderate: OpenShift API for Data Protection (OADP) 101 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
OpenShift API for Data Protection (OADP) 101 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base s ...
Synopsis
Important: Red Hat OpenShift GitOps security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat OpenShift GitOps 13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Synopsis
Important: Release of containers for OSP 162 director operator tech preview
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenStack Platform 162 (Train) director Operator containers are available for technology preview.
Description
Release osp-director-operator images. Security Fix(es): golang: net/http: limit growth of h ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 2211 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 2211 General Availability release images, which provide one or more container updates and bug fixes. Red Hat Product Security has rated this update as ...
Synopsis
Moderate: Migration Toolkit for Containers (MTC) 154 security update
Type/Severity
Security Advisory: Moderate
Topic
The Migration Toolkit for Containers (MTC) 154 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which g ...
Synopsis
Important: Red Hat Advanced Cluster Management 236 security updates and bug fixes
Type/Severity
Security Advisory: Important
Topic
Red Hat Advanced Cluster Management for Kubernetes 236 General Availability release images, which provide security updates and bug fixes.
Description
Red Hat Advanced Cluster Management for Kubernete ...
Synopsis
Important: Red Hat Advanced Cluster Management 242 security updates and bug fixes
Type/Severity
Security Advisory: Important
Topic
Red Hat Advanced Cluster Management for Kubernetes 242 General Availability release images. This update provides security fixes, fixes bugs, and updates the container images. Red Hat Product Security ha ...
Synopsis
Moderate: Red Hat Single Sign-On 7410 on OpenJ9 for OpenShift image security update
Type/Severity
Security Advisory: Moderate
Topic
A new image is available for Red Hat Single Sign-On 7410 on OpenJ9, running on OpenShift Container Platform 310 and 311, and 43. Red Hat Product Security has rated this update as having a security ...
Synopsis
Moderate: Red Hat Single Sign-On 7410 on OpenJDK for OpenShift image security update
Type/Severity
Security Advisory: Moderate
Topic
A new image is available for Red Hat Single Sign-On 7410 on OpenJDK, running on OpenShift Container Platform 310 and 311, and 43. Red Hat Product Security has rated this update as having a securit ...
It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium (CVE-2021-4122) ...