CVE-2025-11568
Published: Oct 15, 2025
Modified: May 19, 2026
CVSS v3.1
4.4
Description
A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the available space, causing the metadata to overwrite and corrupt the user's encrypted data. This action leads to a permanent loss of the stored information. Devices using the LUKS formats other than LUKS1 are not affected by this issue.
| Vendor | Product | Versions |
|---|---|---|
Latchset | luksmeta | affected 0 - < 10 |
Red Hat | Red Hat Enterprise Linux 10 | unaffected 0:10-1.el10 - < * |
Red Hat | Red Hat Enterprise Linux 8 | unaffected 0:9-4.el8_10.1 - < * |
Red Hat | Red Hat Enterprise Linux 9 | unaffected 0:10-1.el9 - < * |
Red Hat | Red Hat Enterprise Linux 7 | All versions |
Red Hat | Red Hat OpenShift Container Platform 4 | All versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now