A security flaw in the initramfs script shipped with the cryptsetup Linux utility lets an attacker with console access skip the passphrase prompt on LUKS-encrypted drives and land in a root shell simply by holding down the Enter key. The encrypted volume itself is not unlocked, but the shell gives the attacker a foothold on the machine.
Linux Security Vulnerability Allows Attackers To Easily Gain a Root Shell (CVE-2016-4484)
Security researchers have discovered a serious flaw in the cryptsetup boot integration used with encrypted drives on GNU/Linux distributions. According to the reports, the vulnerability allows attackers to get past the authentication prompt on affected systems just by holding the Enter key for around 70 seconds. The result is an open shell with root privileges, running inside the initramfs (the minimal BusyBox environment that is loaded before the real root file system), not inside the installed system.
The issue is tracked as CVE-2016-4484. It was discovered by the Spanish researcher Hector Marco (with Ismael Ripoll), who was also responsible for a previous critical flaw in the GRUB2 authentication implementation.
Cryptsetup is the command line utility used to interface with dm-crypt for creating, accessing and managing encrypted block devices. The tool supports several encryption formats that rely on the Linux kernel device-mapper and its cryptographic modules. The researchers studied the setup used by most distributions, the Linux Unified Key Setup (LUKS), as it is driven from the boot-time initramfs.
The flaw was identified in the initramfs script that prompts the user for the encryption passphrase. The passphrase is needed to unlock the protected drive, after which the system continues booting and the user gains access to the stored data.
The fault is caused by incorrect handling of a failed passphrase in the script /scripts/local-top/cryptroot. When the user exceeds the maximum number of passphrase tries (3 by default), the script returns and the boot sequence simply continues instead of stopping.
The surrounding initramfs boot scripts interpret that failure as a "slow device" that has not appeared yet and needs more time. Because of this design they re-run the authentication script, so the user is offered another round of passphrase prompts.
The procedure is re-run up to 30 times on an x86 system (93 passphrase prompts in total) and up to 150 times on a PowerPC system (452 prompts).
The real problem appears once all of those attempts are exhausted. Instead of halting the boot, the initramfs drops into its rescue shell, which runs as root. Nothing has been decrypted at that point, but the attacker now has a root prompt on the machine with the raw encrypted disk attached.
The attacker can use it to perform one of the following actions:
- Privilege Escalation – Since the boot partition is typically not encrypted, the attacker can place an executable with the setuid bit set on it, which a local user can later run to gain root on the real system. If boot integrity is not protected (no verified or Secure Boot chain), it is equally easy to replace the kernel or the initrd image with a backdoored one.
- Information Disclosure – The root shell has access to all block devices, including the still-encrypted disk. The encrypted system partition can be copied to an external device and the passphrase brute-forced offline, without the on-screen retry limits.
- Denial of Service – The attacker can wipe the disks at will.
LUKS is just one of the methods used for disk encryption on GNU/Linux distributions. According to the reports, the affected systems include Debian- and Ubuntu-based distributions, Fedora and some Slackware derivatives; any distribution that ships the same initramfs cryptroot script should be checked.
A security patch for the cryptsetup initramfs script was released, and affected distributions ship it through their normal package updates. Until the patched package is installed (and the initramfs regenerated), the advisory's workaround is to add panic=5 to the kernel command line (in GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub, followed by update-grub), so that a failed initramfs reboots after five seconds instead of offering a shell. Note that the flaw only matters to an attacker who already has console or physical access; it does not weaken the encryption itself.
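To make the retry arithmetic and the two boot outcomes concrete, here is a small shell model of the mechanism described above. It is an added illustration written for this page, not the real Debian/Ubuntu cryptroot script or initramfs-tools code: the function names, the reload limit passed as a parameter, and the "halted" outcome used as a stand-in for the patched behaviour are all this example's own assumptions. It also includes a check for the panic= kernel parameter used as a workaround, run on a constructed command-line string rather than the live /proc/cmdline.

```sh
#!/bin/sh
# Added illustration, not the real cryptroot or initramfs-tools code: a
# simplified model of the retry logic from the advisory, plus a check for the
# panic= mitigation. Function names, return codes and inputs are this
# example's own assumptions.

MAX_TRIES=3   # default "tries" value of the cryptroot script

# cryptroot_model: one run of the modelled /scripts/local-top/cryptroot.
#   $1 = correct passphrase, $2 = what is typed at every prompt ("" = Enter)
# Prints the number of prompts shown; exit 0 if unlocked, 1 if tries exhausted.
cryptroot_model() {
    n=0
    while [ "$n" -lt "$MAX_TRIES" ]; do
        n=$((n + 1))
        if [ "$2" = "$1" ]; then
            echo "$n"
            return 0
        fi
    done
    echo "$n"
    return 1
}

# local_model: the boot script that waits for the root device and re-runs
# local-top when it does not appear (the "slow device" retry).
#   $1 = vulnerable | fixed, $2 = reload limit (30 on x86 per the advisory),
#   $3 = correct passphrase, $4 = what is typed at every prompt
# Prints "<outcome> <total prompts>", outcome = unlocked | halted | shell.
local_model() {
    mode=$1; max_reloads=$2; total=0; reload=0
    while :; do
        if prompts=$(cryptroot_model "$3" "$4"); then
            echo "unlocked $((total + prompts))"
            return 0
        fi
        total=$((total + prompts))
        if [ "$mode" = fixed ]; then
            # stand-in for the patched behaviour: stop booting, never retry
            echo "halted $total"
            return 2
        fi
        # vulnerable: failure treated as a slow device, run the script again
        [ "$reload" -lt "$max_reloads" ] || break
        reload=$((reload + 1))
    done
    # attempts exhausted: the initramfs drops into its root rescue shell
    echo "shell $total"
    return 3
}

# cmdline_has_panic: true when the kernel command line carries panic=<N>, N > 0,
# which makes a failed initramfs reboot after N seconds instead of offering a shell.
cmdline_has_panic() {
    for word in $1; do
        case $word in
            panic=*)
                secs=${word#panic=}
                case $secs in
                    ''|*[!0-9]*) return 1 ;;
                esac
                [ "$secs" -gt 0 ] && return 0
                ;;
        esac
    done
    return 1
}

# Demo on constructed inputs; no real devices or files are touched.
echo "x86, attacker holds Enter, vulnerable script: $(local_model vulnerable 30 s3cret '')"
echo "x86, attacker holds Enter, fixed script:      $(local_model fixed 30 s3cret '')"
echo "correct passphrase on the first prompt:       $(local_model vulnerable 30 s3cret s3cret)"
if cmdline_has_panic "BOOT_IMAGE=/vmlinuz root=/dev/mapper/root ro panic=5 quiet"; then
    echo "panic=5 present: a failed initramfs reboots instead of dropping to a shell"
fi
```

With the x86 limit of 30 reloads the vulnerable model runs the script 31 times (the initial run plus 30 retries), which is where the advisory's figure of 93 prompts (31 × 3) comes from; the fixed model stops after the first 3 failures. The PowerPC figure is not reproduced here because the page does not describe how its retry count is derived.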