Race Condition in LUKS Encryption Keyfile Creation and Permission Setting in Calamares versions 3.1 through 3.2.10

Race Condition in LUKS Encryption Keyfile Creation and Permission Setting in Calamares versions 3.1 through 3.2.10

CVE-2019-13178 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set.

Learn more about our Web Application Penetration Testing UK.