Описание
Security update for cryptsetup
This update for cryptsetup fixes the following issues:
- CVE-2021-4122: Fixed possible attacks against data confidentiality through LUKS2 online reencryption extension crash recovery (bsc#1194469).
Список пакетов
Container bci/bci-init:15.3
libcryptsetup12-2.3.7-150300.3.5.1
libcryptsetup12-hmac-2.3.7-150300.3.5.1
Container ses/7.1/ceph/haproxy:latest
libcryptsetup12-2.3.7-150300.3.5.1
libcryptsetup12-hmac-2.3.7-150300.3.5.1
Container ses/7.1/ceph/keepalived:latest
libcryptsetup12-2.3.7-150300.3.5.1
libcryptsetup12-hmac-2.3.7-150300.3.5.1
Container ses/7.1/cephcsi/cephcsi:latest
cryptsetup-2.3.7-150300.3.5.1
libcryptsetup12-2.3.7-150300.3.5.1
libcryptsetup12-hmac-2.3.7-150300.3.5.1
Container ses/7.1/rook/ceph:latest
cryptsetup-2.3.7-150300.3.5.1
libcryptsetup12-2.3.7-150300.3.5.1
libcryptsetup12-hmac-2.3.7-150300.3.5.1
Container suse/pcp:latest
libcryptsetup12-2.3.7-150300.3.5.1
libcryptsetup12-hmac-2.3.7-150300.3.5.1
Container suse/sle-micro-rancher/5.2:latest
libcryptsetup12-2.3.7-150300.3.5.1
Container trento/trento-db:latest
libcryptsetup12-2.3.7-150300.3.5.1
libcryptsetup12-hmac-2.3.7-150300.3.5.1
Image SLES15-SP3-BYOS-Azure
cryptsetup-2.3.7-150300.3.5.1
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-BYOS-EC2-HVM
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-BYOS-GCE
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-CHOST-BYOS-Aliyun
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-CHOST-BYOS-Azure
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-CHOST-BYOS-EC2
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-CHOST-BYOS-GCE
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-EC2-ECS-HVM
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-EC2-HVM
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-GCE
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-HPC-Azure
cryptsetup-2.3.7-150300.3.5.1
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-HPC-BYOS-Azure
cryptsetup-2.3.7-150300.3.5.1
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-HPC-BYOS-EC2-HVM
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-HPC-BYOS-GCE
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure
cryptsetup-2.3.7-150300.3.5.1
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
cryptsetup-2.3.7-150300.3.5.1
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-Micro-5-1-BYOS-Azure
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-Micro-5-1-BYOS-GCE
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-Micro-5-2-BYOS-Azure
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-Micro-5-2-BYOS-GCE
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-Micro-BYOS-GCE
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-SAP-Azure
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
cryptsetup-2.3.7-150300.3.5.1
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
cryptsetup-2.3.7-150300.3.5.1
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-SAP-BYOS-Azure
cryptsetup-2.3.7-150300.3.5.1
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-SAP-BYOS-GCE
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-SAP-EC2-HVM
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-SAP-GCE
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-SAPCAL-Azure
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-SAPCAL-EC2-HVM
libcryptsetup12-2.3.7-150300.3.5.1
Image SLES15-SP3-SAPCAL-GCE
libcryptsetup12-2.3.7-150300.3.5.1
SUSE Linux Enterprise Micro 5.1
cryptsetup-2.3.7-150300.3.5.1
libcryptsetup12-2.3.7-150300.3.5.1
libcryptsetup12-hmac-2.3.7-150300.3.5.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
cryptsetup-2.3.7-150300.3.5.1
cryptsetup-lang-2.3.7-150300.3.5.1
libcryptsetup-devel-2.3.7-150300.3.5.1
libcryptsetup12-2.3.7-150300.3.5.1
libcryptsetup12-32bit-2.3.7-150300.3.5.1
libcryptsetup12-hmac-2.3.7-150300.3.5.1
libcryptsetup12-hmac-32bit-2.3.7-150300.3.5.1
Ссылки
- Link for SUSE-SU-2022:0144-1
- E-Mail link for SUSE-SU-2022:0144-1
- SUSE Security Ratings
- SUSE Bug 1194469
- SUSE CVE CVE-2021-4122 page
Описание
It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium.
Затронутые продукты
Container bci/bci-init:15.3:libcryptsetup12-2.3.7-150300.3.5.1
Container bci/bci-init:15.3:libcryptsetup12-hmac-2.3.7-150300.3.5.1
Container ses/7.1/ceph/haproxy:latest:libcryptsetup12-2.3.7-150300.3.5.1
Container ses/7.1/ceph/haproxy:latest:libcryptsetup12-hmac-2.3.7-150300.3.5.1
Ссылки
- CVE-2021-4122
- SUSE Bug 1194469