[Bug 1749173] Re: luksFormat data leak
Seth Arnold
1749173 at bugs.launchpad.net
Wed Feb 21 00:10:14 UTC 2018
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to cryptsetup in Ubuntu.
https://bugs.launchpad.net/bugs/1749173
Title:
luksFormat data leak
Status in cryptsetup package in Ubuntu:
Confirmed
Bug description:
Release: Ubuntu 17.10
Package version: 2:1.7.3-4ubuntu1
Package architecture: amd64
When initializing a disk with "cryptsetup luksFormat <device>",
cryptsetup creates a luks header including uninitialized areas.
Try this:
--
DISK=sdx
# Store 2MiB of a repeating pattern on disk
python -c 'print("\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xdd\xee\xff" * (2 << 16))' > /dev/$DISK
cryptsetup luksFormat /dev/$DISK
cryptsetup luksHeaderBackup --header-backup-file luks_header.bin /dev/$DISK
hd luks_header.bin
--
You'll observe the following output:
[...]
00020400 00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff |.."3DUfw........|
*
00100400 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00101000
So even if you open the luks device and wipe /dev/mapper/$DISK_crypt
completely, this piece of data, possibly containing plaintext data
from of a prior filesystem, will stay forever. Or, probably, until all
key slots get used.
To make it even worse, it gets stored in backups of the luks header,
so you can't overwrite it safely and restore the header later.
I'd expect cryptsetup luksFormat to fill unused fields of the luks
header with constant or random data.
It would be nice if there was an easy way to safely wipe unused areas
of the luks header on an already formatted disk.
Regards,
Andreas
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1749173/+subscriptions
More information about the foundations-bugs
mailing list