kernel-packages team mailing list archive

Thread
Date

[Bug 196368] Re: Encrypted LUKS disks store passphrase plaintext in memory

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: "Christopher M. Penalver" <christopher.m.penalver@xxxxxxxxx>
Date: Sun, 12 Oct 2014 16:33:35 -0000
Reply-to: Bug 196368 <196368@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Mark Featherston, this bug was reported a while ago and there hasn't
been any activity in it recently. We were wondering if this is still an
issue? If so, could you please test for this with the latest development
release of Ubuntu? ISO images are available from
http://cdimage.ubuntu.com/daily-live/current/ .

If it remains an issue, could you please run the following command in
the development release from a terminal, as it will automatically gather
and attach updated debug information to this report:

apport-collect -p linux REPLACE-WITH-BUG-NUMBER

If reproducible, could you also please test the latest upstream kernel available from the very top line at the top of the page (not the daily folder) following https://wiki.ubuntu.com/KernelMainlineBuilds ? It will allow additional upstream developers to examine the issue. Once you've tested the upstream kernel, please comment on which kernel version specifically you tested. If this bug is fixed in the mainline kernel, please add the following tags:
kernel-fixed-upstream
kernel-fixed-upstream-VERSION-NUMBER

where VERSION-NUMBER is the version number of the kernel you tested exactly shown as:
kernel-fixed-upstream-3.17

This can be done by clicking on the yellow circle with a black pencil
icon next to the word Tags located at the bottom of the bug description.

If the mainline kernel does not fix this bug, please add the following tags:
kernel-bug-exists-upstream
kernel-bug-exists-upstream-VERSION-NUMBER

Once testing of the upstream kernel is complete, please mark this bug's
Status as Confirmed. Please let us know your results. Thank you for your
understanding.

** Tags removed: disk encrypted luks
** Tags added: hardy

** Changed in: linux (Ubuntu)
Importance: Undecided => Medium

** Changed in: linux (Ubuntu)
Status: Confirmed => Incomplete

--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/196368

Title:
Encrypted LUKS disks store passphrase plaintext in memory

Status in “linux” package in Ubuntu:
Incomplete

Bug description:
To test this, run "sudo cat /dev/mem | strings | grep
firstfewcharsofpassphrase" and eventually the entire string will turn
up. I've only tested this in hardy, but I expect it is also present
in Gutsy. My roomate running Gentoo with LUKS also has this problem,
while another roomate using gentoo and truecrypt did not.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/196368/+subscriptions