Public/VeraCrypt
1
0
Fork 0
mirror of https://github.com/veracrypt/VeraCrypt.git synced 2025-11-11 02:58:02 -06:00
Code Activity

Linux/FreeBSD: Prevent mounting volumes on system directories and PATH (CVE-2025-23021, reported by SivertPL @__tfr)

Browse Source 
Added security checks to prevent mounting VeraCrypt volumes on system directories (like /usr/bin) or directories in the user's PATH, which could theoretically allow execution of malicious binaries instead of legitimate system binaries.

Key changes:
- Block mounting on protected system directories (/usr, /bin, /lib, etc.)
  This restriction cannot be overridden
- Block mounting on directories present in user's PATH environment variable
  This can be overridden with --allow-insecure-mount flag
- Add visual warnings (red border, "[INSECURE MODE]") when mounting on PATH directories is allowed
- Handle symlinks properly when checking paths
- Add new error messages for blocked mount points

To override PATH-based restrictions only (system directories remain protected):
veracrypt --allow-insecure-mount [options] volume mountpoint

Security Impact: Low to Medium
The attack requires either:
- User explicitly choosing a system directory as mount point instead of using VeraCrypt's default mount points
- Or attacker having both filesystem access to modify favorites configuration AND knowledge of the volume password
Default mount points are not affected by this vulnerability.

Security: CVE-2025-23021
This commit is contained in:
Mounir IDRASSI
2025-01-11 23:22:40 +01:00
parent 2cca2e1daf
commit 078d1410dd
59 changed files with 370 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
Translations/Language.co.xml
View File

@@ -1660,6 +1660,9 @@ Information about Corsican localization:
<entry lang="co" key="ERR_XTS_MASTERKEY_VULNERABLE">AVERTIMENTU : A chjave principale di u vulume hè vulnerevule à un attaccu chì cumprumette à sicurità di i dati.\n\nCi vole à creà un vulume novu è trasferisceci i dati.</entry>
<entry lang="co" key="ERR_SYSENC_XTS_MASTERKEY_VULNERABLE">AVERTIMENTU : A chjave principale di u sistema cifratu hè vulnerevule à un attaccu chì cumprumette à sicurità di i dati.\n\nCi vole à dicifrà a partizione o u lettore di u sistema eppò cifrallu torna.</entry>
<entry lang="co" key="ERR_XTS_MASTERKEY_VULNERABLE_SHORT">AVERTIMENTU : A chjave principale di u vulume hà una vulnerabilità di sicurità.</entry>
<entry lang="en" key="MOUNTPOINT_BLOCKED">ERROR: The volume mount point is blocked because it overrides a protected system directory.\n\nPlease choose a different mount point.</entry>
<entry lang="en" key="MOUNTPOINT_NOTALLOWED">ERROR: The volume mount point is not allowed because it overrides a directory that is part of the PATH environment variable.\n\nPlease choose a different mount point.</entry>
<entry lang="en" key="INSECURE_MODE">[INSECURE MODE]</entry>
</localization>
<xs:schema attributeFormDefault="unqualified" elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="VeraCrypt">