CVE Identifier: CVE-2020-14382 Affected Component: cryptsetup --- Vulnerability Type: Out-of-bounds write during segment validation in LUKS2 format code Impact: An attacker could exploit the vulnerability to read data from a crafted image and write it outside the allocated memory, leading to potential information disclosure or system instability. --- Affected Versions: cryptsetup version 2.3.3 and earlier Fixed in Version: cryptsetup 2.3.4 --- Red Hat Security Advisory (RHSA) References: - RHSA-2020:4542 - RHSA-2020:4900 - RHSA-2021:0258 --- Upstream Fix Commit: Link Acknowledgment: The issue was reported and contributed to by Tobias Stoeckmann.