Re: [Tails-dev] LUKS 2 vulnerability

Delete this message

Reply to this message
Author: gagz
Date:  
To: hsiffish, tails-dev
Subject: Re: [Tails-dev] LUKS 2 vulnerability
Hello,

hsiffish@???:
> ­Hi, does the new LUKS 2 vulnerability affect all previous and current version
> of Tails?
> Should we be concerned about the persistent storage feature?


If I understand correctly, no and no.
If I'm not mistaken, the vulnerability affects LUKS2 volumes created
using cryptsetup since version 2.2.0, but Tails ships 2.1.

But I might be wrong.

Furthermore, this attack is not doable without control of the storage
(ie, be root on a machine on which the storage is attached), and doesn't
allow for full decryption (but still up to few gigabytes).


This is sensitive topic so please double check what I'm saying!

gagz



> *CVE-2021-4122: cryptsetup 2.x: decryption through LUKS2 reencryption crash
> recovery*
> https://seclists.org/oss-sec/2022/q1/34
>
> Thanks in advance.
>
>
>
>
>
> Ihr Recht auf Privatsphäre. Schützen Sie Ihre Daten und wechseln jetzt zu
> *eclipso Mail & Cloud <https://www.eclipso.de>*.
>
>
> _______________________________________________
> Tails-dev mailing list
> Tails-dev@???
> https://www.autistici.org/mailman/listinfo/tails-dev
> To unsubscribe from this list, send an empty email to Tails-dev-unsubscribe@???.