Cryptsetup Initrd root Shell

Bug #1660701 reported by Mark Foster
264
This bug affects 2 people
Affects Status Importance Assigned to Milestone
cryptsetup (Ubuntu)
Triaged
Low
Unassigned

CVE References

Tyler Hicks (tyhicks)
information type: Private Security → Public Security
Changed in cryptsetup (Ubuntu):
status: New → Triaged
importance: Undecided → Low
Revision history for this message
Tyler Hicks (tyhicks) wrote :

Hello Mark - Thanks for the bug report! We are aware of this flaw in cryptsetup and have triaged it in the Ubuntu CVE Tracker:

  http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4484.html

We marked it as a low priority issue as there are several other ways that you can get a root shell during the boot process. We don't plan to put out security updates to our stable releases for this issue by itself. However, we will include this fix if there is a more urgent cryptsetup security issue that we address in the future.

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.