Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2136

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2004-2136
Last Modified 05 Sep 2008 04:43:18
Published 19 Feb 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-2136

Summary

dm-crypt on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.

Vulnerable Systems

Operating System

  • Linux Kernel 2.6.0


References

MISC - http://www.securiteam.com/exploits/5UP0P1PFPM.html

MISC - http://mareichelt.de/pub/notmine/diskenc.pdf

MLIST - [linux-kernel] 20040219 Re: Oopsing cryptoapi (or loop device?) on 2.6.*


Last Updated: 27 May 2016 10:39:21