Vulnerability Description
A vulnerability was found in upstream release cryptsetup-2.2.0 in the LUKS2 format validation code, which is effectively invoked on every device or image presenting itself as a LUKS2 container. The bug is in the segments validation code in file 'lib/luks2/luks2_json_metadata.c', function hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj): the code does not check for possible overflow in the size of the memory allocation used for the intervals array (see the statement "intervals = malloc(first_backup * sizeof(*intervals));"). Because the element count is taken from the header being validated, the library can be tricked into believing the allocation succeeded while it obtained far less memory than the count implies. Later it may read data from an image crafted by an attacker and write that data beyond the allocated memory, i.e. an out-of-bounds heap write. No passphrase or key material is needed to reach the code: header validation runs on any untrusted LUKS2 header that libcryptsetup parses, before anything is unlocked.
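The allocation pattern described above, modelled as an added example in C beside its hardened form. This is not cryptsetup's code: struct interval, MAX_SEGMENTS and all function names are assumptions made for illustration. It shows how an int count reaching malloc() wraps silently, how to reject the count before multiplying, and how the later per-segment write must be bounds-checked against the count that was actually allocated.

```c
/* Illustrative model of the vulnerable allocation pattern (not cryptsetup's
 * code).  The element count (first_backup) comes from an untrusted LUKS2
 * header, is multiplied by the element size and handed to malloc() without
 * any wrap-around or range check.  MAX_SEGMENTS, struct interval and the
 * function names below are assumptions for the example. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

#define MAX_SEGMENTS 1024   /* hypothetical upper bound on declared segments */

struct interval {
    uint64_t offset;
    uint64_t length;
};

/* The unchecked product as it would reach malloc(): the int is converted to
 * size_t, so a negative count becomes a huge unsigned value and the product
 * wraps modulo SIZE_MAX + 1 instead of failing. */
size_t unchecked_alloc_size(int first_backup)
{
    return first_backup * sizeof(struct interval);
}

/* Hardened size computation: reject negative counts, cap the count at what the
 * format can legitimately declare, and refuse any product that would exceed
 * SIZE_MAX.  Returns false when the header value must be rejected. */
bool checked_alloc_size(long first_backup, size_t *out)
{
    if (first_backup < 0 || first_backup > MAX_SEGMENTS)
        return false;
    size_t n = (size_t)first_backup;
    if (n > SIZE_MAX / sizeof(struct interval))
        return false;   /* unreachable given the cap, kept explicit */
    *out = n * sizeof(struct interval);
    return true;
}

/* Model of the later write: every declared segment carries its own index
 * taken from the header.  A write is only performed for indices inside the
 * allocation.  Returns the number of rejected out-of-range entries, or -1 if
 * the header count itself was rejected or allocation failed.  On success the
 * caller owns *out_intervals and must free() it. */
int fill_intervals(const size_t *declared_idx, const uint64_t *declared_off,
                   size_t n_declared, long first_backup,
                   struct interval **out_intervals)
{
    size_t bytes;
    if (!checked_alloc_size(first_backup, &bytes))
        return -1;
    struct interval *intervals = calloc(1, bytes ? bytes : 1);
    if (!intervals)
        return -1;

    int rejected = 0;
    for (size_t i = 0; i < n_declared; i++) {
        /* Without this check an index from a crafted header lands past the
         * end of the buffer: exactly the out-of-bounds write described. */
        if (declared_idx[i] >= (size_t)first_backup) {
            rejected++;
            continue;
        }
        intervals[declared_idx[i]].offset = declared_off[i];
        intervals[declared_idx[i]].length = 4096;
    }
    *out_intervals = intervals;
    return rejected;
}
```

The important property is that the same value (first_backup) bounds both the allocation and every later index into it; checking the size of the multiplication alone is not enough if the indices written are also attacker-controlled.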
CVSS Score
7.8 (HIGH)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cryptsetup Project | Cryptsetup | 2.2.0 up to and including 2.3.3 (fixed in 2.3.4) |
| Redhat | Enterprise Linux | 8.0 |
| Canonical | Ubuntu Linux | 20.04 |
| Fedoraproject | Fedora | 31 |
Related Weaknesses (CWE)
- CWE-787: Out-of-bounds Write
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1874712 (Issue Tracking, Patch, Third Party Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro
- https://usn.ubuntu.com/4493-1/ (Third Party Advisory)
FAQ
What is CVE-2020-14382?
CVE-2020-14382 is a vulnerability with a CVSS base score of 7.8 (HIGH) in the LUKS2 header validation code of cryptsetup, introduced in upstream release 2.2.0. The function hdr_validate_segments() in lib/luks2/luks2_json_metadata.c sizes the intervals array from a count taken from the header without checking the allocation size for overflow, so a crafted LUKS2 image can cause the library to write beyond the allocated buffer. The code is reached whenever any device or image presenting itself as a LUKS2 container is parsed.
How severe is CVE-2020-14382?
CVE-2020-14382 has been rated HIGH with a CVSS base score of 7.8/10. The impact is an out-of-bounds heap write triggered by parsing an attacker-crafted LUKS2 header, which requires no passphrase or key.
Is there a patch for CVE-2020-14382?
Yes. The issue is fixed in upstream cryptsetup 2.3.4; see the references section above for the Red Hat, Fedora and Ubuntu advisories with distribution-specific package versions. Affected products include: Cryptsetup Project Cryptsetup, Redhat Enterprise Linux, Canonical Ubuntu Linux, Fedoraproject Fedora.