<= Back

AOSA-2016-0026: Update Cryptsetup to 1.7.3

Please update your cryptsetup package to version 1.7.3.

A new version of Cryptsetup was announced with fix to the following security vulnerability:


More specifically, this is a vulnerability that a large amount of "Enter" keystroke may allow attacker/user to gain root access to the shell. However, at a note of relief - in the case of AOSC OS, an attacker could only get so far before he was prompted for decryption when trying to access files on an encrypted partition - as the attacker may only gain access to the shell of the initialization RAM disk, but not the partition itself (where the system was installed).

Relevant documentation: