Detections
Analytics

Debian DSA-5070-1 : cryptsetup - security update

medium Nessus Plugin ID 157886

Language:

Synopsis

The remote Debian host is missing a security-related update.

Description

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5070 advisory.

 CVE-2021-4122 Milan Broz, its maintainer, discovered an issue in cryptsetup, the disk encryption configuration tool for Linux. LUKS2 (an on-disk format) online reencryption is an optional extension to allow a user to change the data reencryption key while the data device is available for use during the whole reencryption process. An attacker can modify on-disk metadata to simulate decryption in progress with crashed (unfinished) reencryption step and persistently decrypt part of the LUKS2 device (LUKS1 devices are indirectly affected as well, see below). This attack requires repeated physical access to the LUKS2 device but no knowledge of user passphrases. The decryption step is performed after a valid user activates the device with a correct passphrase and modified metadata. The size of possible decrypted data per attack step depends on configured LUKS2 header size (metadata size is configurable for LUKS2). With the default LUKS2 parameters (16 MiB header) and only one allocated keyslot (512 bit key for AES-XTS), simulated decryption with checksum resilience SHA1 (20 bytes checksum for 4096-byte blocks), the maximal decrypted size can be over 3GiB. The attack is not applicable to LUKS1 format, but the attacker can update metadata in place to LUKS2 format as an additional step. For such a converted LUKS2 header, the keyslot area is limited to decrypted size (with SHA1 checksums) over 300 MiB. LUKS devices that were formatted using a cryptsetup binary from Debian Stretch or earlier are using LUKS1. However since Debian Buster the default on-disk LUKS format version is LUKS2. In particular, encrypted devices formatted by the Debian Buster and Bullseye installers are using LUKS2 by default. Key truncation in dm-integrity This update additionaly fixes a key truncation issue for standalone dm-integrity devices using HMAC integrity protection. For existing such devices with extra long HMAC keys (typically >106 bytes of length), one might need to manually truncate the key using integritysetup(8)'s --integrity-key-size option in order to properly map the device under 2:2.3.7-1+deb11u1 and later. Only standalone dm-integrity devices are affected. dm-crypt devices, including those using authenticated disk encryption, are unaffected. For the oldstable distribution (buster), this problem is not present. For the stable distribution (bullseye), this problem has been fixed in version 2:2.3.7-1+deb11u1. We recommend that you upgrade your cryptsetup packages. For the detailed security status of cryptsetup please refer to its security tracker page at:
 https://security-tracker.debian.org/tracker/cryptsetup

Tenable has extracted the preceding description block directly from the Debian security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade the cryptsetup packages.

For the stable distribution (bullseye), this problem has been fixed in version 2

See Also

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003686

https://security-tracker.debian.org/tracker/source-package/cryptsetup

https://www.debian.org/security/2022/dsa-5070

https://security-tracker.debian.org/tracker/CVE-2021-4122

https://packages.debian.org/source/buster/cryptsetup

https://packages.debian.org/source/bullseye/cryptsetup

Plugin Details

Severity: Medium

ID: 157886

File Name: debian_DSA-5070.nasl

Version: 1.6

Type: local

Agent: unix

Published: 2/11/2022

Updated: 1/24/2025

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 4.9

Temporal Score: 3.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:C/A:N

CVSS Score Source: CVE-2021-4122

CVSS v3

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.8

Vector: CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:debian:debian_linux:11.0, p-cpe:/a:debian:debian_linux:libcryptsetup12-udeb, p-cpe:/a:debian:debian_linux:cryptsetup-run, p-cpe:/a:debian:debian_linux:cryptsetup-bin, p-cpe:/a:debian:debian_linux:libcryptsetup12, p-cpe:/a:debian:debian_linux:libcryptsetup-dev, p-cpe:/a:debian:debian_linux:cryptsetup, p-cpe:/a:debian:debian_linux:cryptsetup-initramfs, p-cpe:/a:debian:debian_linux:cryptsetup-udeb

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 2/10/2022

Vulnerability Publication Date: 2/1/2022

Reference Information

CVE: CVE-2021-4122