Brute force attack on LUKS password decryption via initramfs (CVE-2016-4484)

Updated -

It was found that dracut-generated initramfs would drop a local user to an emergency shell when decryption of a LUKS-encrypted (Linux Unified Key Setup) partition failed. An attacker with physical access to a machine or with access to the boot console of a system could potentially brute-force the LUKS password using the dracut shell, and possibly be able to copy off the encrypted partition for...

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In