[dm-crypt] About CVE-2016-4484: - Cryptsetup Initrd root Shell
sven at whgl.uni-frankfurt.de
Tue Nov 15 14:32:54 CET 2016
Obviously it is not a bug in cryptsetup, but rather in dracut and some
distributions' initrd scripts. What's really annoying about the CVE is
the fact that it is mostly irrelevant. If I can get to the password
entry of an initrd, I obviously have control over the boot process. If I
do have control over the boot process, I have a splendid variety of
options to do all the things described in the CVE.
I wonder why the authors of the CVE recommend to freeze the system,
instead of adding auth to get a shell. Seems quite stupid to completely
remove the ability to investigate problems.
On 15.11.2016 at 13:34, Milan Broz wrote:
> Hi all,
> just a little bit of clarification about CVE-2016-4484
> This bug is *NOT* a cryptsetup/LUKS upstream bug, it is a minor problem in scripts
> unlocking an encrypted system.
> It allows an attacker to drop to an initramdisk shell (without decryption of LUKS data).
> The scripts are part of Debian cryptsetup package (as an addition to upstream)
> or part of dracut package (if dracut is used).
> (The info about the problem was embargoed until the talk and only Debian maintainers
> were informed in advance.)