CVE-2004-2135

NameCVE-2004-2135
Descriptioncryptoloop on Linux kernel 2.6.x, when used on certain file systems with a block size 1024 or greater, has certain "IV computation" weaknesses that allow watermarked files to be detected without decryption.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
linux-2.6source(unstable)2.6.32-2unimportant
linux-2.6.24source(unstable)(unfixed)unimportant

Notes

minor issue; solution (removal of cryptoloop) would be a significant change
if backported to the stable releases
mitigation: use dm-crypt or loop-aes for disk encrytion instead of cryptoloop

Search for package or bug name: Reporting problems