Re: CVE-2016-4484: - Cryptsetup Initrd root Shell - Update: Dracut is also vulnerable

[Hector Marco-Gisbert <hmarco () hmarco org>]

Hello,

We have found that systems that use Dracut instead of initramfs are
also vulnerables (tested on Fedora 24 x86_64).

Regards,
Hector Marco & Ismael Ripoll.


> Hello All,
>
>
> Affected package ---------------- Cryptsetup <= 2:1
>
>
> CVE-ID ------ CVE-2016-4484
>
>
> Description ----------- A vulnerability in Cryptsetup, concretely 
> in the scripts that unlock the system partition when the partition 
> is ciphered using LUKS (Linux Unified Key Setup).
>
> This vulnerability allows to obtain a root initramfs shell on 
> affected systems. The vulnerability is very reliable because it 
> doesn't depend on specific systems or configurations. Attackers
> can copy, modify or destroy the hard disc as well as set up the
> network to exflitrate data.
>
> In cloud environments it is also possible to remotely exploit this
>  vulnerability without having "physical access."
>
>
> Full description: ----------------- 
> http://hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html
>
>
>
>
> Regards, Hector Marco & Ismael Ripoll.