Trail of Bits disclosed vulnerabilities in confidential computing systems that use Linux LUKS2 disk encryption, allowing attackers to access and modify confidential data. The vulnerabilities stem from malleable metadata headers: the header can be altered so that the system is tricked into using a null cipher for encryption. The issue affects confidential VMs used for tasks like private AI and blockchains, compromising confidentiality, integrity, and authenticity. An attacker with disk write access can exploit it by modifying the header to use a null cipher, effectively disabling encryption.

Cryptsetup v2.8.1 introduced a partial mitigation that rejects null ciphers for keyslots with passwords. To remediate, users should update to the latest versions, and consumers of attestation reports should disallow pre-patch versions. Validating LUKS metadata, through methods such as a MAC, parameter validation, or attestation measurements, is crucial.

Impacted projects were notified, and patches were released by Oasis Protocol, Phala Network, Flashbots, Secret Network, Fortanix, Edgeless, and Cosmian VM. Cryptsetup received a partial mitigation, while Confidential Containers acknowledged the issue for future development.
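The parameter-validation approach mentioned above can be sketched as an allow-list check over the LUKS2 JSON metadata before a volume is opened. This is an added example, not code from Trail of Bits, cryptsetup, or any of the listed projects; the policy values, the function name, and the sample metadata are assumptions constructed for illustration.

```python
import json

# Assumed policy for this example: the one cipher and key size the image is built with.
ALLOWED_ENCRYPTION = ("aes-xts-plain64",)
EXPECTED_KEY_BYTES = 64

# Constructed sample of a LUKS2 JSON metadata area, trimmed to the fields checked here.
SAMPLE_METADATA = json.dumps({
    "keyslots": {"0": {"type": "luks2", "key_size": 64,
                       "area": {"type": "raw", "encryption": "aes-xts-plain64",
                                "key_size": 64}}},
    "segments": {"0": {"type": "crypt", "offset": "16777216", "size": "dynamic",
                       "encryption": "aes-xts-plain64", "sector_size": 512}},
})


def validate_luks2_metadata(raw_json):
    """Return a list of policy violations; an empty list means the header passes."""
    try:
        meta = json.loads(raw_json)
    except ValueError as exc:
        return [f"metadata is not valid JSON: {exc}"]
    if not isinstance(meta, dict):
        return ["metadata is not a JSON object"]
    problems = []
    for kind in ("segments", "keyslots"):
        if not isinstance(meta.get(kind), dict) or not meta[kind]:
            problems.append(f"no {kind} defined")
    if problems:
        return problems
    # Data segments: must be encrypted, and only with an allow-listed cipher.
    for name, seg in meta["segments"].items():
        if not isinstance(seg, dict) or seg.get("type") != "crypt":
            problems.append(f"segment {name}: not an encrypted ('crypt') segment")
        elif seg.get("encryption") not in ALLOWED_ENCRYPTION:
            problems.append(f"segment {name}: encryption {seg['encryption']!r} not allowed")
    # Keyslots: the area protecting the volume key gets the same allow-list check.
    for name, slot in meta["keyslots"].items():
        area = slot.get("area") if isinstance(slot, dict) else None
        if not isinstance(area, dict):
            problems.append(f"keyslot {name}: missing area description")
            continue
        if area.get("encryption") not in ALLOWED_ENCRYPTION:
            problems.append(f"keyslot {name}: area encryption {area.get('encryption')!r} not allowed")
        if slot.get("key_size") != EXPECTED_KEY_BYTES or area.get("key_size") != EXPECTED_KEY_BYTES:
            problems.append(f"keyslot {name}: unexpected key size")
    return problems


if __name__ == "__main__":
    print(validate_luks2_metadata(SAMPLE_METADATA) or "header matches policy")
```

A check like this only helps if it runs inside the measured, attested boot path and the volume is refused when the list is non-empty; it complements, rather than replaces, updating cryptsetup.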
blog.trailofbits.com
