Amazon Linux 2022 Security Advisory: ALAS-2022-064
Advisory Release Date: 2022-05-18 00:03 Pacific
Advisory Updated Date: 2022-05-19 18:08 Pacific
It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium. (CVE-2021-4122)
Affected Packages:
cryptsetup
Issue Correction:
Run dnf update --releasever=2022.0.20220518 cryptsetup to update your system.
aarch64:
cryptsetup-debuginfo-2.4.3-2.amzn2022.aarch64
integritysetup-debuginfo-2.4.3-2.amzn2022.aarch64
cryptsetup-ssh-token-debuginfo-2.4.3-2.amzn2022.aarch64
integritysetup-2.4.3-2.amzn2022.aarch64
cryptsetup-libs-2.4.3-2.amzn2022.aarch64
veritysetup-2.4.3-2.amzn2022.aarch64
veritysetup-debuginfo-2.4.3-2.amzn2022.aarch64
cryptsetup-ssh-token-2.4.3-2.amzn2022.aarch64
cryptsetup-libs-debuginfo-2.4.3-2.amzn2022.aarch64
cryptsetup-reencrypt-2.4.3-2.amzn2022.aarch64
cryptsetup-debugsource-2.4.3-2.amzn2022.aarch64
cryptsetup-reencrypt-debuginfo-2.4.3-2.amzn2022.aarch64
cryptsetup-devel-2.4.3-2.amzn2022.aarch64
cryptsetup-2.4.3-2.amzn2022.aarch64
src:
cryptsetup-2.4.3-2.amzn2022.src
x86_64:
integritysetup-debuginfo-2.4.3-2.amzn2022.x86_64
cryptsetup-devel-2.4.3-2.amzn2022.x86_64
cryptsetup-reencrypt-debuginfo-2.4.3-2.amzn2022.x86_64
cryptsetup-debugsource-2.4.3-2.amzn2022.x86_64
integritysetup-2.4.3-2.amzn2022.x86_64
cryptsetup-ssh-token-debuginfo-2.4.3-2.amzn2022.x86_64
veritysetup-2.4.3-2.amzn2022.x86_64
cryptsetup-debuginfo-2.4.3-2.amzn2022.x86_64
cryptsetup-libs-debuginfo-2.4.3-2.amzn2022.x86_64
cryptsetup-libs-2.4.3-2.amzn2022.x86_64
veritysetup-debuginfo-2.4.3-2.amzn2022.x86_64
cryptsetup-reencrypt-2.4.3-2.amzn2022.x86_64
cryptsetup-ssh-token-2.4.3-2.amzn2022.x86_64
cryptsetup-2.4.3-2.amzn2022.x86_64
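
To confirm that the update under Issue Correction took effect, installed package versions can be compared against the build in the list above. The script below is an added example, not part of the original advisory or of Amazon Linux tooling. It assumes that 2.4.3-2.amzn2022 from the package list is the corrected build; the function names and the sample inventory are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): flag cryptsetup-family packages that
# are older than the build listed in ALAS-2022-064.
# Assumption: 2.4.3-2.amzn2022 from the package list is the corrected build.
FIXED_VR="2.4.3-2.amzn2022"

# vr_at_least INSTALLED FIXED: succeeds when INSTALLED >= FIXED.
# GNU `sort -V` approximates RPM ordering; it is adequate for plain dotted
# version-release strings like these, not for epochs or ~/^ versions.
vr_at_least() {
    [ "$1" = "$2" ] && return 0
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$lowest" = "$2" ]
}

# classify_pkg NAME VERSION-RELEASE: prints the package with its status.
classify_pkg() {
    if vr_at_least "$2" "$FIXED_VR"; then
        echo "$1 $2 fixed"
    else
        echo "$1 $2 vulnerable"
    fi
}

# audit: reads "name version-release" lines on stdin, prints a status per
# package, and returns 1 if any package is below the fixed build.
audit() {
    rc=0
    while read -r name vr; do
        [ -n "$name" ] || continue
        out=$(classify_pkg "$name" "$vr")
        echo "$out"
        case "$out" in *vulnerable) rc=1 ;; esac
    done
    return "$rc"
}

# Constructed inventory for an offline run: one outdated package, one current.
sample_inventory() {
    printf '%s\n' "cryptsetup 2.4.1-1.amzn2022" "cryptsetup-libs 2.4.3-2.amzn2022"
}

# On a real host, feed audit from the RPM database instead:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' 'cryptsetup*' | audit
```

A non-zero exit status from audit means at least one listed package is still below the fixed build and the dnf update has not been applied to it.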