Edgeless Systems Constellation LUKS2 Volume Encryption Vulnerability

Vulnerability

A vulnerability exists in Edgeless Systems Constellation's use of LUKS2-encrypted volumes for persistent storage. When opening an encrypted storage device, the Constellation CVM image relies on the libcryptsetup function crypt_activate_by_passphrase. However, because cryptsetup versions prior to 2.8.1 do not properly handle null keyslot encryption algorithms, it is possible for a volume to be opened without proper encryption. These versions do not raise an error when encountering LUKS2 disks that use the cipher_null-ecb algorithm, allowing an attacker to create a volume that appears to decrypt correctly but actually exposes data in plaintext or under an attacker-known key.

Impact

Exploitation of this vulnerability allows for the creation of LUKS2 volumes that, when opened by a Constellation VM, write data in plaintext or with an attacker-controlled key, potentially compromising confidential information.

Remediation

Users can upgrade to Edgeless Systems Constellation version 2.24.0, which addresses this vulnerability by detaching the LUKS header verification process and implementing checks to ensure that null encryption algorithms do not compromise volume confidentiality.
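As an added illustration (not Constellation's or cryptsetup's own code), the following Python inspects a LUKS2 header's JSON metadata and flags any keyslot or segment that declares a null cipher, the kind of pre-open check the remediation describes. The binary header offsets follow the LUKS2 on-disk format; the sample metadata and header bytes are constructed, and checksum verification is skipped.

```python
import json
import struct

LUKS2_MAGIC = b"LUKS\xba\xbe"
BINARY_HDR_SIZE = 4096  # fixed-size binary header; the JSON area follows it
NULL_CIPHERS = {"cipher_null", "null"}  # names that resolve to no encryption


def parse_luks2_header(blob: bytes) -> dict:
    """Parse the binary LUKS2 header and return the JSON metadata as a dict."""
    if blob[:6] != LUKS2_MAGIC:
        raise ValueError("not a LUKS2 header")
    version, hdr_size = struct.unpack(">HQ", blob[6:16])  # big-endian u16, u64
    if version != 2 or hdr_size > len(blob):
        raise ValueError("unsupported version or truncated header")
    # The JSON area is NUL-padded up to hdr_size
    return json.loads(blob[BINARY_HDR_SIZE:hdr_size].rstrip(b"\0"))


def null_cipher_uses(meta: dict) -> list:
    """Return (section, id, cipher) for each keyslot or segment lacking real encryption."""
    hits = []
    for ks_id, ks in meta.get("keyslots", {}).items():
        spec = ks.get("area", {}).get("encryption", "")  # e.g. "aes-xts-plain64"
        if spec.split("-", 1)[0] in NULL_CIPHERS:
            hits.append(("keyslots", ks_id, spec))
    for seg_id, seg in meta.get("segments", {}).items():
        spec = seg.get("encryption", "")
        if seg.get("type") == "crypt" and spec.split("-", 1)[0] in NULL_CIPHERS:
            hits.append(("segments", seg_id, spec))
    return hits


def build_test_header(meta: dict, hdr_size: int = 16384) -> bytes:
    """Constructed sample: minimal header bytes around the given metadata (no checksum)."""
    binary = (LUKS2_MAGIC + struct.pack(">HQ", 2, hdr_size)).ljust(BINARY_HDR_SIZE, b"\0")
    return binary + json.dumps(meta).encode().ljust(hdr_size - BINARY_HDR_SIZE, b"\0")


# Constructed metadata: one sound keyslot plus a null-cipher keyslot and segment
SAMPLE_META = {
    "keyslots": {
        "0": {"type": "luks2", "area": {"type": "raw", "encryption": "aes-xts-plain64"}},
        "1": {"type": "luks2", "area": {"type": "raw", "encryption": "cipher_null-ecb"}},
    },
    "segments": {"0": {"type": "crypt", "encryption": "cipher_null-ecb"}},
}

if __name__ == "__main__":
    for hit in null_cipher_uses(parse_luks2_header(build_test_header(SAMPLE_META))):
        print("REFUSE: %s/%s uses %s" % hit)
```

A volume whose header yields any hit should be refused before crypt_activate_by_passphrase is ever called.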

Added: Oct 27, 2025, 8:24 PM
Updated: Oct 27, 2025, 8:24 PM

Vulnerability Rating

Custom Algorithm
spread: 6.6
impact: 5.0
exploitability: 3.3
remediation: 7.7
relevance: 0.8
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.