vulnerabilities in LUKS

[Teddy Hogeborn]

Valerio Bellizzomi <valerio at selnet.org> writes:

> I believe this should be documented somehow, at least by this message

Some context:

As noted in the first link
<http://www.jakoblell.com/blog/2013/12/22/practical-malleability-attack-against-cbc-encrypted-luks-partitions/>,
there is a security issue with encrypted file systems if installed with
an operating system *older* than either Ubuntu 12.10 (released October
2012) or Debian 7.2 "wheezy" (released october 2013):  These systems
used CBC by default instead of XTS, and CBC turns out to be somewhat
vulnerable (see link for details).  Any installation made by those
aforementioned versions (or newer) of Debian or Ubuntu is not affected.
This is *not* a Mandos issue, but is likely to affect Mandos users.

The second issue (as noted in the second link,
<http://seclists.org/oss-sec/2016/q4/432>) is not fixed yet by the
Debian security team, since they deem it to have a "Negligable security
impact" (<https://security-tracker.debian.org/tracker/CVE-2016-4484>).
The issue is that if a person is physically present at the console, they
can reach a debug shell by simply inputting the wrong password for a
little over a minute.  You may or may not deem this a problem, since
physical access is always difficult to defend against, and the debug
shell can't access any encrypted data.  The only fix, if one is desired,
is to use the version of "cryptsetup" from Debian unstable.  Like the
first issue, this is *not* a Mandos issue and there is nothing which
Mandos can do about this, even though Mandos users are very likely to be
affected.

/Teddy Hogeborn

-- 
The Mandos Project
https://www.recompile.se/mandos
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 818 bytes
Desc: not available
URL: <http://mail.recompile.se/pipermail/mandos-dev/attachments/20161120/3335fb8a/attachment.sig>