• Trail of Bits is disclosing vulnerabilities in eight different confidential computing systems that use Linux Unified Key Setup version 2 (LUKS2) for disk encryption.
• Using these vulnerabilities, a malicious actor with access to storage disks can extract all confidential data stored on that disk and can modify the contents of the disk arbitrarily.
• The vulnerabilities are caused by malleable metadata headers that allow an attacker to trick a trusted execution environment guest into encrypting secret data with a null cipher.
• The following CVEs are associated with this disclosure: CVE-2025-59054, CVE-2025-58356.
• This is a coordinated disclosure; we have notified the following projects, which remediated the issues prior to our publication:
  • Oasis Protocol: oasis-sdk (v0.7.2)
  • Phala Network: dstack (v0.5.4)
  • Flashbots TDX: tdx-init (v0.2.0)
  • Secret Network: secret-vm-ops
  • Fortanix Salmiac: salmiac
  • Edgeless Constellation: constellation (v2.24.0)
  • Edgeless Contrast: contrast (v1.12.1, v1.13.0)
  • Cosmian VM: cosmian-vm
• We notified the maintainers of cryptsetup, resulting in a partial mitigation introduced in cryptsetup v2.8.1.
• We also notified the Confidential Containers project, who indicated that the relevant code, part of the guest-components repository, is not currently used in production.

Article Summaries:

  • Trail of Bits has disclosed vulnerabilities in eight confidential computing systems that rely on Linux Unified Key Setup version 2 (LUKS2) for disk encryption. The flaws stem from malleable metadata headers that allow an attacker with write access to a disk to trick a trusted execution environment (TEE) guest into encrypting data with a null cipher, enabling full data extraction or arbitrary modification of disk contents. The affected projects (Oasis Protocol, Phala Network, Flashbots TDX, Secret Network, Fortanix Salmiac, Edgeless Constellation, Edgeless Contrast, and Cosmian VM) were notified and patched before publication. Users should upgrade to the latest releases and reject pre-patch attestation reports. No in-the-wild exploitation has been reported.
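As an added illustration of the defensive check the summary implies (example code written here, not code from Trail of Bits or any of the affected projects), the Python below parses a LUKS2 header, verifies its unkeyed checksum, and then refuses any segment or keyslot whose cipher is not on an allow-list, which is what stops a header rewritten to a null cipher from being unlocked. The sample header bytes, the allow-list, and the function names are constructed for this example.

```python
import hashlib
import json
import struct

# LUKS2 on-disk layout: a 4096-byte binary header followed by a NUL-padded JSON area.
LUKS2_MAGIC = b"LUKS\xba\xbe"
BIN_HDR_LEN = 4096
CSUM_OFF, CSUM_LEN = 448, 64
# Policy chosen for this example: a TEE guest should only unlock volumes whose
# data segments and keyslot areas use the cipher it provisioned.
ALLOWED_CIPHERS = {"aes-xts-plain64"}


def parse_luks2_header(blob: bytes) -> dict:
    """Validate the binary header and checksum, then return the JSON metadata."""
    if blob[:6] != LUKS2_MAGIC:
        raise ValueError("not a LUKS2 header")
    version, hdr_size = struct.unpack(">HQ", blob[6:16])
    if version != 2 or hdr_size > len(blob):
        raise ValueError("unsupported version or truncated header")
    csum_alg = blob[72:104].rstrip(b"\0").decode()
    # The checksum covers binary header + JSON area with the csum field zeroed.
    # It is unkeyed, so it only catches corruption: anyone who can write the
    # disk can rewrite the JSON and recompute it. Integrity must come from policy.
    zeroed = bytearray(blob[:hdr_size])
    zeroed[CSUM_OFF:CSUM_OFF + CSUM_LEN] = b"\0" * CSUM_LEN
    digest = hashlib.new(csum_alg, zeroed).digest()
    if blob[CSUM_OFF:CSUM_OFF + len(digest)] != digest:
        raise ValueError("header checksum mismatch")
    return json.loads(blob[BIN_HDR_LEN:hdr_size].rstrip(b"\0"))


def cipher_policy_violations(meta: dict) -> list:
    """List every crypt segment or keyslot area whose cipher is not allowed."""
    bad = []
    for sid, seg in meta.get("segments", {}).items():
        if seg.get("type") == "crypt" and seg.get("encryption") not in ALLOWED_CIPHERS:
            bad.append(f"segment {sid}: {seg.get('encryption')!r}")
    for kid, ks in meta.get("keyslots", {}).items():
        enc = ks.get("area", {}).get("encryption")
        if enc is not None and enc not in ALLOWED_CIPHERS:
            bad.append(f"keyslot {kid}: {enc!r}")
    return bad


def build_header(cipher: str) -> bytes:
    """Constructed sample header (not a real disk image) with one segment and keyslot."""
    meta = {"segments": {"0": {"type": "crypt", "offset": "16777216", "size": "dynamic",
                               "iv_tweak": "0", "encryption": cipher, "sector_size": 512}},
            "keyslots": {"0": {"type": "luks2", "area": {"type": "raw", "encryption": cipher,
                                                         "key_size": 64}}},
            "digests": {}, "tokens": {}, "config": {}}
    js = json.dumps(meta).encode().ljust(16384 - BIN_HDR_LEN, b"\0")
    hdr = bytearray(LUKS2_MAGIC + struct.pack(">HQQ", 2, 16384, 1))  # magic, version, size, seqid
    hdr += b"\0" * 48 + b"sha256".ljust(32, b"\0") + b"\0" * (64 + 40 + 48)  # label, alg, salt, uuid, subsystem
    hdr = hdr.ljust(BIN_HDR_LEN, b"\0") + js  # hdr_offset, padding, csum all zero for now
    hdr[CSUM_OFF:CSUM_OFF + 32] = hashlib.sha256(hdr).digest()
    return bytes(hdr)
```

Running `cipher_policy_violations(parse_luks2_header(build_header("cipher_null-ecb")))` flags both the segment and the keyslot, while a tampered JSON area whose checksum was not recomputed fails in `parse_luks2_header`.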

Sources: