N/A

A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2_json_metadata.c' in function hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj) where the code does not check for possible overflow on memory allocation used for intervals array (see statement "intervals = malloc(first_backup * sizeof(*intervals));"). Due to the bug, library can be *tricked* to expect such allocation was successful but for far less memory then originally expected. Later it may read data FROM image crafted by an attacker and actually write such data BEYOND allocated memory.

N/A

N/A

Cryptsetup 缓冲区错误漏洞

Cryptsetup是是一个实用程序，用于基于DMCrypt内核模块方便地设置磁盘加密。 cryptsetup 2.2.0 版本中存在缓冲区错误漏洞，该漏洞源于网络系统或产品在内存上执行操作时，未正确验证数据边界，攻击者可利用密码设置片段触发缓冲区溢出。

N/A

N/A