History: Feb 08, 2023 - 7:25 p.m.

CVE-2023-0751 GELI silently omits the keyfile if read from stdin

Published: 2023-02-08 19:25:01
CWE: CWE-20
Tags: freebsd, www.cve.org, geli, keyfile, vulnerability, master key, recovery

EPSS: 0.001 (Low), Percentile: 26.8%

When GELI reads a key file from standard input, it does not reuse the key file when initializing multiple providers at once, so the second and subsequent devices silently use a NULL key as the user key file. If a user only uses a key file without a user passphrase, the master key is encrypted with an empty key file, allowing trivial recovery of the master key.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "geli"
    ],
    "product": "FreeBSD",
    "vendor": "FreeBSD",
    "versions": [
      {
        "lessThan": "13.1-RELEASE-p6",
        "status": "affected",
        "version": "13.1-RELEASE",
        "versionType": "release"
      },
      {
        "lessThan": "12.4-RELEASE-p1",
        "status": "affected",
        "version": "12.4-RELEASE",
        "versionType": "release"
      },
      {
        "lessThan": "12.3-RELEASE-p11",
        "status": "affected",
        "version": "12.3-RELEASE",
        "versionType": "release"
      }
    ]
  }
]
