Obviously it is not a bug in cryptsetup, but rather in dracut and some
distributions' initrd scripts. What's really annoying about the CVE is
the fact that it is mostly irrelevant. If I can get to the password
entry of an initrd, I obviously have control over the boot process. If I
do have control over the boot process, I have a splendid variety of
options to do all the things described in the CVE.
I wonder why the authors of the CVE recommend freezing the system,
instead of adding auth to get a shell. Seems quite stupid to completely
remove the ability to investigate problems.
-Sven
On 15.11.2016 at 13:34, Milan Broz wrote:
Hi all,
just a little bit of clarification about CVE-2016-4484
http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html
This bug is *NOT* a cryptsetup/LUKS upstream bug, it is a minor problem in scripts
unlocking an encrypted system.
It allows an attacker to drop to an initramdisk shell (without decryption of LUKS data).
The scripts are part of Debian cryptsetup package (as an addition to upstream)
or part of dracut package (if dracut is used).
(The info about the problem was embargoed until the talk and only Debian maintainers
were informed in advance.)
Milan
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt