[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FD] [oss-security] CVE-2016-4484: - Cryptsetup Initrd root Shell - Update: Dracut is also vulnerable
- To: oss-security@xxxxxxxxxxxxxxxxxx, fulldisclosure@xxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Re: [FD] [oss-security] CVE-2016-4484: - Cryptsetup Initrd root Shell - Update: Dracut is also vulnerable
- From: Hector Marco-Gisbert <hmarco@xxxxxxxxxx>
- Date: Tue, 15 Nov 2016 01:26:52 +0000
Hello,
We have found that systems that use Dracut instead of initramfs are
also vulnerables (tested on Fedora 24 x86_64).
Regards,
Hector Marco & Ismael Ripoll.
> Hello All,
>
>
> Affected package ---------------- Cryptsetup <= 2:1
>
>
> CVE-ID ------ CVE-2016-4484
>
>
> Description ----------- A vulnerability in Cryptsetup, concretely
> in the scripts that unlock the system partition when the partition
> is ciphered using LUKS (Linux Unified Key Setup).
>
> This vulnerability allows to obtain a root initramfs shell on
> affected systems. The vulnerability is very reliable because it
> doesn't depend on specific systems or configurations. Attackers
> can copy, modify or destroy the hard disc as well as set up the
> network to exflitrate data.
>
> In cloud environments it is also possible to remotely exploit this
> vulnerability without having "physical access."
>
>
> Full description: -----------------
> http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html
>
>
>
>
> Regards, Hector Marco & Ismael Ripoll.
>
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/