Dstack LUKS2 Volume Vulnerability Allows Unauthorized Data Access in CVM
Vulnerability
A vulnerability exists in Dstack versions prior to 0.5.4, where a malicious host can provide a crafted LUKS2 data volume to a Dstack Confidential Virtual Machine (CVM) for the '/data' mount. The CVM opens the volume and writes secret data using a volume key known to the attacker, which leads to the unauthorized disclosure of WireGuard keys and other confidential information. Additionally, the attacker can pre-load data onto the device, potentially compromising the execution of the guest. The issue arises because LUKS2 volume metadata is not authenticated and can specify null key-encryption algorithms, allowing the creation of a volume that opens without error using any passphrase or token while recording writes in plaintext, or in ciphertext under an attacker-known key.
Impact
Exploitation of this vulnerability results in the unauthorized disclosure of sensitive information, including WireGuard keys and other secret data, within the Dstack CVM.
Reproduction
To reproduce this vulnerability, create a LUKS2 volume with null key-encryption algorithms, allowing it to be opened without a proper passphrase. Once the volume is crafted, upload it to a Dstack CVM as the '/data' mount. When the CVM opens the volume, it will write data using the volume key controlled by the attacker, thereby disclosing sensitive information such as WireGuard keys.
Remediation
Users should update to Dstack version 0.5.4 or later, which addresses the vulnerability by patching the handling of LUKS headers. Additionally, ensure that the Dstack CVM is not using LUKS2 volumes encrypted with null algorithms.
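As an added illustration of the second remediation point (example code, not Dstack's own patch), the following Python reads the JSON metadata area of a raw LUKS2 header and flags any data segment or keyslot area whose cipher is a null cipher, which is exactly what lets a crafted volume open with any passphrase and record writes in the clear. It assumes the LUKS2 on-disk layout (6-byte magic, big-endian version and header size, JSON area after a 4096-byte binary header) and the cryptsetup field names segments, keyslots, area and encryption; the sample headers are constructed here with the checksum left zero.

```python
import json
import struct

LUKS2_MAGIC = (b"LUKS\xba\xbe", b"SKUL\xba\xbe")  # primary / secondary header magic
BINARY_HDR_SIZE = 4096  # fixed binary header; the JSON metadata area follows it

def is_null_cipher(spec: str) -> bool:  # dm-crypt spec such as 'cipher_null-ecb' does no encryption
    return spec.split("-", 1)[0].lower() in ("cipher_null", "null")

def parse_luks2_json(blob: bytes) -> dict:
    """Extract the JSON metadata from a raw LUKS2 header (binary header + JSON area)."""
    if blob[:6] not in LUKS2_MAGIC:
        raise ValueError("not a LUKS header")
    version, hdr_size = struct.unpack(">HQ", blob[6:16])  # big-endian version, header size
    if version != 2:
        raise ValueError(f"unsupported LUKS version {version}")
    json_area = blob[BINARY_HDR_SIZE:hdr_size]
    return json.loads(json_area.split(b"\x00", 1)[0].decode("utf-8"))

def null_cipher_findings(meta: dict) -> list:
    """Report each data segment and keyslot area whose cipher does no encryption."""
    findings = []
    for sid, seg in meta.get("segments", {}).items():
        if seg.get("type") == "crypt" and is_null_cipher(seg.get("encryption", "")):
            findings.append(f"segment {sid}: data written in plaintext ({seg['encryption']})")
    for kid, ks in meta.get("keyslots", {}).items():
        enc = ks.get("area", {}).get("encryption", "")
        if is_null_cipher(enc):
            findings.append(f"keyslot {kid}: volume key stored unencrypted ({enc})")
    return findings

def audit_luks2_header(blob: bytes) -> list:
    """Findings for a raw header blob; an empty list means no null cipher was found."""
    return null_cipher_findings(parse_luks2_json(blob))

def build_sample_header(meta: dict, hdr_size: int = 16384) -> bytes:
    """Constructed test header: real magic/version/size layout, checksum left zeroed."""
    binary = (LUKS2_MAGIC[0] + struct.pack(">HQ", 2, hdr_size)).ljust(BINARY_HDR_SIZE, b"\x00")
    return binary + json.dumps(meta).encode().ljust(hdr_size - BINARY_HDR_SIZE, b"\x00")

def sample_meta(cipher: str) -> dict:  # constructed metadata: one keyslot, one data segment
    return {
        "keyslots": {"0": {"type": "luks2", "key_size": 64,
                           "area": {"type": "raw", "encryption": cipher, "key_size": 64}}},
        "segments": {"0": {"type": "crypt", "encryption": cipher, "sector_size": 512}},
    }

# Crafted header as the advisory describes (both checks fire) beside a normal AES-XTS one.
CRAFTED_HEADER = build_sample_header(sample_meta("cipher_null-ecb"))
SANE_HEADER = build_sample_header(sample_meta("aes-xts-plain64"))
```

Because the header is not authenticated, a guest should run such a check on the host-supplied header before opening the volume rather than trusting the open to fail on its own.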
