CVE-2021-4122 - OpenCVE

It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium.

Attack Vector Physical

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Cryptsetup Project	Cryptsetup

Configuration 1 [-]

OR	cpe:2.3:a:cryptsetup_project:cryptsetup::::::::
	cpe:2.3:a:cryptsetup_project:cryptsetup::::::::

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2021-4122	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2031859	Permissions Required Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2032401	Issue Tracking Third Party Advisory
https://gitlab.com/cryptsetup/cryptsetup/-/commit/0113ac2d889c5322659ad0596d4cfc6da53e356c	Patch Third Party Advisory
https://mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/v2.4/v2.4.3-ReleaseNotes	Release Notes Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2022-08-24T15:08:58

Updated: 2022-08-24T15:08:58

Reserved: 2021-12-15T00:00:00

Link: CVE-2021-4122

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-08-24T16:15:09.427

Modified: 2022-08-29T14:28:45.370

Link: CVE-2021-4122

JSON object: View

Redhat Information

No data.

CWE

CWE-345

{"containers": {"cna": {"affected": [{"product": "cryptsetup", "vendor": "n/a", "versions": [{"status": "affected", "version": "Fixed in cryptsetup 2.4.3, cryptsetup 2.3.7"}]}], "descriptions": [{"lang": "en", "value": "It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-345", "description": "CWE-345 - Insufficient Verification of Data Authenticity", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-24T15:08:58", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031859"}, {"tags": ["x_refsource_MISC"], "url": "https://mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/v2.4/v2.4.3-ReleaseNotes"}, {"tags": ["x_refsource_MISC"], "url": "https://gitlab.com/cryptsetup/cryptsetup/-/commit/0113ac2d889c5322659ad0596d4cfc6da53e356c"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032401"}, {"tags": ["x_refsource_MISC"], "url": "https://access.redhat.com/security/cve/CVE-2021-4122"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-4122", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "cryptsetup", "version": {"version_data": [{"version_value": "Fixed in cryptsetup 2.4.3, cryptsetup 2.3.7"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-345 - Insufficient Verification of Data Authenticity"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2031859", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031859"}, {"name": "https://mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/v2.4/v2.4.3-ReleaseNotes", "refsource": "MISC", "url": "https://mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/v2.4/v2.4.3-ReleaseNotes"}, {"name": "https://gitlab.com/cryptsetup/cryptsetup/-/commit/0113ac2d889c5322659ad0596d4cfc6da53e356c", "refsource": "MISC", "url": "https://gitlab.com/cryptsetup/cryptsetup/-/commit/0113ac2d889c5322659ad0596d4cfc6da53e356c"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2032401", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032401"}, {"name": "https://access.redhat.com/security/cve/CVE-2021-4122", "refsource": "MISC", "url": "https://access.redhat.com/security/cve/CVE-2021-4122"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-4122", "datePublished": "2022-08-24T15:08:58", "dateReserved": "2021-12-15T00:00:00", "dateUpdated": "2022-08-24T15:08:58", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cryptsetup_project:cryptsetup:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7DA77A9-DF78-49E9-8492-8E84C70D4495", "versionEndExcluding": "2.3.7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cryptsetup_project:cryptsetup:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAE6BBF2-E730-4C5A-81DF-AA13449D0151", "versionEndExcluding": "2.4.3", "versionStartIncluding": "2.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium."}, {"lang": "es", "value": "Se ha detectado que un encabezado LUKS especialmente dise\u00f1ada pod\u00eda enga\u00f1ar a cryptsetup para que deshabilitara el cifrado durante la recuperaci\u00f3n del dispositivo. Un atacante con acceso f\u00edsico al medio, como un disco flash, podr\u00eda usar este fallo para forzar a un usuario a deshabilitar permanentemente la capa de cifrado de ese medio."}], "id": "CVE-2021-4122", "lastModified": "2022-08-29T14:28:45.370", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-24T16:15:09.427", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2021-4122"}, {"source": "secalert@redhat.com", "tags": ["Permissions Required", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2031859"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2032401"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://gitlab.com/cryptsetup/cryptsetup/-/commit/0113ac2d889c5322659ad0596d4cfc6da53e356c"}, {"source": "secalert@redhat.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/v2.4/v2.4.3-ReleaseNotes"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-345"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-345"}], "source": "secalert@redhat.com", "type": "Secondary"}]}