Cryptsetup Package Vulnerability: Shell Access via Invalid Password Attempts

Cryptsetup Package Vulnerability: Shell Access via Invalid Password Attempts

CVE-2016-4484 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The Debian initrd script for the cryptsetup package 2:1.7.3-2 and earlier allows physically proximate attackers to gain shell access via many log in attempts with an invalid password.

Learn more about our Cis Benchmark Audit For Debian Linux.