Added security checks to prevent mounting VeraCrypt volumes on system directories (like /usr/bin) or directories in the user's PATH, which could theoretically allow execution of malicious binaries instead of legitimate system binaries.
Key changes:
- Block mounting on protected system directories (/usr, /bin, /lib, etc.)
This restriction cannot be overridden
- Block mounting on directories present in user's PATH environment variable
This can be overridden with --allow-insecure-mount flag
- Add visual warnings (red border, "[INSECURE MODE]") when mounting on PATH directories is allowed
- Handle symlinks properly when checking paths
- Add new error messages for blocked mount points
To override PATH-based restrictions only (system directories remain protected):
veracrypt --allow-insecure-mount [options] volume mountpoint
Security Impact: Low to Medium
The attack requires either:
- User explicitly choosing a system directory as mount point instead of using VeraCrypt's default mount points
- Or attacker having both filesystem access to modify favorites configuration AND knowledge of the volume password
Default mount points are not affected by this vulnerability.
Security: CVE-2025-23021
This commit fixes a critical security vulnerability where VeraCrypt could be tricked into executing malicious binaries with elevated privileges. The vulnerability has two severe implications:
1. When sudo's secure_path option is disabled, attackers could execute malicious binaries with root privileges by placing them in user-writable PATH directories (e.g., making "sudo mount" execute a malicious mount binary)
2. By placing a malicious sudo binary in PATH, attackers could intercept and steal the user's password when VeraCrypt prompts for sudo authentication
The vulnerability allowed attackers to place malicious binaries in user-writable directories that appear in PATH before system directories, potentially leading to privilege escalation and credential theft.
Key changes:
- Implement FindSystemBinary() to locate executables in secure system paths
- Replace all relative binary paths with absolute paths for system commands
- Add security checks for executable permissions
- Update process execution to use absolute paths for:
* sudo
* mount
* fsck
* terminal emulators
* file managers
* system utilities (hdiutil, mdconfig, vnconfig, lofiadm)
The fix ensures all system binaries are called using their absolute paths from secure system directories, preventing both privilege escalation through PATH manipulation and password theft through sudo hijacking.
Security: CVE-2024-54187
Currently on a system without xterm or konsole (like fresh
Ubuntu install) the fsck check will not launch. Added
gnome-terminal as an alternative and fixed an issue where
konsole will always error out as --title and --caption are
no longer valid arguments.
Previously the error message was simply "xterm not found", so
new LangString LINUX_EX2MSG_TERMINALNOTFOUND was added to let the
user knows which programs they need to get the feature working.
The variable has enough capacity so pointer &buffer[0] is valid but since clear method was called, we are not supposed to access element at index 0.
Related to Github issue #896
We query the kern.geom.conftxt sysctl for the GEOM configuration to find
the partition offset. Technically speaking it would probably be better
to link against libgeom but this is less overall intrusive. Also
includes a small fix to find the parent device of an encrypted partition
when it is a GPT partition rather than a BSD slice.
* Revert previous commit
* Fix "Invalid characters..." issue by not using "foreach" macro
The "foreach" macro creates a copy of the container.
This copy is destroyed immediately after the iteration is completed.
C-strings pointers passed to the local array were invalidated
with destroying of "std::string"s contained in the copy.
Starting with glibc 2.26, macros "major" and "minor" are only
available from <sys/sysmacros.h> [0]. The build fails with the
following without including this header:
Unix/FilesystemPath.cpp:84:49: error: ‘major’ was not declared in this scope
Unix/FilesystemPath.cpp:84:113: error: ‘minor’ was not declared in this scope
[0] https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html
