Data Corruption Vulnerability in LUKS1 Disk Encryption by Red Hat
CVE-2025-11568

4.4 MEDIUM

What is CVE-2025-11568?

A significant data corruption vulnerability has been discovered in the luksmeta utility when it is used with the LUKS1 disk encryption format. An attacker with the necessary permissions can write an excessive amount of metadata to an encrypted device. Because the utility does not properly verify the available space, the metadata can overwrite and corrupt the user's encrypted data, leading to permanent loss of the information stored on the device. Systems using LUKS formats other than LUKS1 are not affected by this vulnerability.
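The space limit described above can be inspected from the header itself. The following is an added example, not code from Red Hat or the luksmeta project: it assumes the standard LUKS1 on-disk header layout and that luksmeta's metadata area is the gap between the end of the key-slot area and the start of the encrypted payload. The function names and the sample header are constructed for illustration.

```python
import struct

LUKS_MAGIC = b"LUKS\xba\xbe"
SECTOR = 512
PHDR_LEN = 592            # 208-byte fixed part + 8 key slots of 48 bytes
SLOT_FMT = ">II32sII"     # active, iterations, salt, key-material sector, stripes

def luks1_metadata_gap(header: bytes):
    """Return layout facts for a LUKS1 header, or None if it is not LUKS1."""
    if len(header) < PHDR_LEN or header[:6] != LUKS_MAGIC:
        return None
    (version,) = struct.unpack_from(">H", header, 6)
    if version != 1:       # other LUKS formats are outside this CVE's scope
        return None
    payload_sector, key_bytes = struct.unpack_from(">II", header, 104)
    end_sector = -(-PHDR_LEN // SECTOR)
    for slot in range(8):
        *_, km_sector, stripes = struct.unpack_from(SLOT_FMT, header, 208 + 48 * slot)
        km_sectors = -(-(key_bytes * stripes) // SECTOR)   # round up to sectors
        end_sector = max(end_sector, km_sector + km_sectors)
    return {
        "keyslots_end": end_sector * SECTOR,
        "payload_start": payload_sector * SECTOR,
        # Anything written past this many bytes would land in encrypted data.
        "gap_bytes": max(0, payload_sector - end_sector) * SECTOR,
    }

def build_sample_header(version=1, key_bytes=64, payload_sector=4096, stripes=4000):
    """Constructed header for the demo; no real key material or device involved."""
    hdr = bytearray(PHDR_LEN)
    hdr[:6] = LUKS_MAGIC
    struct.pack_into(">H", hdr, 6, version)
    struct.pack_into(">II", hdr, 104, payload_sector, key_bytes)
    slot_sectors = -(-(key_bytes * stripes) // SECTOR)
    slot_sectors += -slot_sectors % 8       # align each slot to 4 KiB
    for slot in range(8):
        struct.pack_into(SLOT_FMT, hdr, 208 + 48 * slot,
                         0x0000DEAD, 0, b"\0" * 32, 8 + slot * slot_sectors, stripes)
    return bytes(hdr)

if __name__ == "__main__":
    print(luks1_metadata_gap(build_sample_header()))
```

To audit a real volume, pass the first 592 bytes read from the block device; a `None` result means the device is not LUKS1.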

CVSS V3.1

Score: 4.4
Severity: MEDIUM
Confidentiality: None
Integrity: High
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
