UBUNTU-CVE-2025-11568

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2025-11568

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-11568.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2025-11568

Upstream

CVE-2025-11568

Published

2025-10-16T00:00:00Z

Modified

2025-10-16T20:32:36.336494Z

Severity

4.4 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the available space, causing the metadata to overwrite and corrupt the user's encrypted data. This action leads to a permanent loss of the stored information. Devices using the LUKS formats other than LUKS1 are not affected by this issue.

References

Affected packages

Ubuntu:22.04:LTS

luksmeta

Package

Name: luksmeta
Purl: pkg:deb/ubuntu/luksmeta@9-3?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

Other

9-3

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "9-3",
            "binary_name": "libluksmeta-dev"
        },
        {
            "binary_version": "9-3",
            "binary_name": "libluksmeta0"
        },
        {
            "binary_version": "9-3",
            "binary_name": "luksmeta"
        }
    ]
}

Ubuntu:24.04:LTS

luksmeta

Package

Name: luksmeta
Purl: pkg:deb/ubuntu/luksmeta@9-4?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

Other

9-4

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "9-4",
            "binary_name": "libluksmeta-dev"
        },
        {
            "binary_version": "9-4",
            "binary_name": "libluksmeta0"
        },
        {
            "binary_version": "9-4",
            "binary_name": "luksmeta"
        }
    ]
}

Ubuntu:25.04

luksmeta

Package

Name: luksmeta
Purl: pkg:deb/ubuntu/luksmeta@9-4?arch=source&distro=plucky

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

Other

9-4

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "9-4",
            "binary_name": "libluksmeta-dev"
        },
        {
            "binary_version": "9-4",
            "binary_name": "libluksmeta0"
        },
        {
            "binary_version": "9-4",
            "binary_name": "luksmeta"
        }
    ]
}

Ubuntu:25.10

luksmeta

Package

Name: luksmeta
Purl: pkg:deb/ubuntu/luksmeta@9-4?arch=source&distro=questing

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

Other

9-4

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "9-4",
            "binary_name": "libluksmeta-dev"
        },
        {
            "binary_version": "9-4",
            "binary_name": "libluksmeta0"
        },
        {
            "binary_version": "9-4",
            "binary_name": "luksmeta"
        }
    ]
}

Ubuntu:Pro:18.04:LTS

luksmeta

Package

Name: luksmeta
Purl: pkg:deb/ubuntu/luksmeta@8-3build1?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

Other

8-2

8-3

8-3build1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "8-3build1",
            "binary_name": "libluksmeta-dev"
        },
        {
            "binary_version": "8-3build1",
            "binary_name": "libluksmeta0"
        },
        {
            "binary_version": "8-3build1",
            "binary_name": "luksmeta"
        }
    ]
}

Ubuntu:Pro:20.04:LTS

luksmeta

Package

Name: luksmeta
Purl: pkg:deb/ubuntu/luksmeta@9-3?arch=source&distro=esm-apps/focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

Other

9-3

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "9-3",
            "binary_name": "libluksmeta-dev"
        },
        {
            "binary_version": "9-3",
            "binary_name": "libluksmeta0"
        },
        {
            "binary_version": "9-3",
            "binary_name": "luksmeta"
        }
    ]
}