[pkg-cryptsetup-devel] Security issue (CVE-2021-4122) in cryptsetup 2:2.3.5-1
Yves-Alexis Perez
corsac at debian.org
Thu Feb 10 14:54:27 GMT 2022
On Thu, 2022-02-10 at 09:53 +0100, Guilhem Moulin wrote:
> Unfortunately I only have the d/changelog summary, plus the NEWS entry
> for the truncation issue:
>
> This release fixes a key truncation issue for standalone dm-integrity
> devices using HMAC integrity protection. For existing such devices
> with extra long HMAC keys (typically >106 bytes of length, see
> https://bugs.debian.org/949336#78 for the various corner cases), one
> might need to manually truncate the key using integritysetup(8)'s
> `--integrity-key-size` option in order to properly map the device
> under 2:2.3.7-1+deb11u1 and later.
>
> Only standalone dm-integrity devices are affected. dm-crypt devices,
> including those using authenticated disk encryption, are unaffected.
>
> For CVE-2021-4122 one could summarize the upstream advisory at
> https://seclists.org/oss-sec/2022/q1/34 , if you'd like an entry longer
> than d/changelog.
Yeah no problem, I'll craft something from the various sources :)
- --
Yves-Alexis