CVE-2025-11568

MEDIUM

luksmeta - Memory Corruption

Title source: llm

Description

A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the available space, causing the metadata to overwrite and corrupt the user's encrypted data. This action leads to a permanent loss of the stored information. Devices using the LUKS formats other than LUKS1 are not affected by this issue.

References (4)

https://github.com/latchset/luksmeta/pull/16

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2025:23086

[Vendor Advisory] https://access.redhat.com/security/cve/CVE-2025-11568

[Issue Tracking] https://bugzilla.redhat.com/show_bug.cgi?id=2404244

Scores

CVSS v3 4.4

EPSS 0.0002

EPSS Percentile 4.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-1284

Status published

Products (6)

Latchset/luksmeta < 10

Red Hat/Red Hat Enterprise Linux 10

Red Hat/Red Hat Enterprise Linux 7

Red Hat/Red Hat Enterprise Linux 8 0:9-4.el8_10.1

Red Hat/Red Hat Enterprise Linux 9

Red Hat/Red Hat OpenShift Container Platform 4

Published Oct 15, 2025

Tracked Since Feb 18, 2026