OESA-2022-1532 — Vulnetix

OESA-2022-1532 PUBLISHED CVSS 8.399999618530273 HIGH

cryptsetup is a utility used to conveniently set up disk encryption based on the DMCrypt kernel module. Security Fix(es): It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium.(CVE-2021-4122)

Risk Scores

CVSS v4.0

8.399999618530273

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
openEuler:20.03-LTS-SP1	cryptsetup	0, 0
openEuler:20.03-LTS-SP2	cryptsetup	0, 0
openEuler:20.03-LTS-SP3	cryptsetup	0, 0

Timeline

Feb 19, 2022 CVE Published
Sep 3, 2025 CVE Updated
May 2, 2026 Security Advisory

References

https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1532 advisory
https://nvd.nist.gov/vuln/detail/CVE-2021-4122 advisory

Open in Interactive Console →