|
|
Subscribe / Log in / New account

The "cryptsetup initrd root shell" vulnerability

The "cryptsetup initrd root shell" vulnerability

Posted Nov 15, 2016 18:45 UTC (Tue) by asalor (subscriber, #39266)
In reply to: The "cryptsetup initrd root shell" vulnerability by corsac
Parent article: The "cryptsetup initrd root shell" vulnerability

Cryptsetup upstream was never contacted by authors, we get information from Debian maintainers (thanks).

The talk title (Abusing LUKS to Hack the System) and directly mention of cryptsetup in CVE (while it is neither bug in cryptsetup upstream nor LUKS format) really does not help anyone.

This was really not the ideal example how researches should cooperate with opensource developers.

to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds