streetboard_gurl

streetboard_gurl

c47@hub.netzgemeinde.eu

This channel has not added a profile description yet

Ort:: Berlin

Geschlecht:: Female

Homepage:: https://www.nixre.net

2022-01-18 13:01:20

streetboard_gurl

c47@hub.netzgemeinde.eu

tokudan schrieb den folgenden Beitrag Tue, 18 Jan 2022 10:42:30 +0100

#linux #cve-2021-4122
cryptsetup can be tricked to decrypt a volume. apparently published January 13th 2022, but I haven't seen that anywhere yet:
https://marc.info/?l=oss-security&m=164207624903766&w=2

- - -

2022-01-20 06:10:18

streetboard_gurl

c47@hub.netzgemeinde.eu

To be honest I haven't yet been able to look at this on such a deep level. I hope that I'll gonna have time at the weekend :-)

2022-01-20 12:04:10

Harald Eilertsen

harald@hub.volse.no

it seems an attacker needs access to an already-opened device to perform the first step

No, they just have to modify the metadata in the luks2 header part of the volume. Since that part is (was) not protected by the keys they can do that even on a cold device.

The actual decryption happens when a valid user opens the device, so that's why repeated physical access is required.

2022-01-20 12:20:27

Felix Tiede

felix@pod.pc-tiede.de

Well... provided I have repeated physical access to a device, I install a key-logger. Or some other low-level spying device and not fiddle with cryptsetup itself.

However, my more serious concern is the fact that "just updating" cryptsetup is actually not enough to secure the system, because an attacker can use any version she desires. So, how do I mitigate the attack when an attacker can choose the version of cryptsetup to perform any of the necessary steps?