VeraCrypt
aboutsummaryrefslogtreecommitdiff
path: root/src/Platform/Exception.h
AgeCommit message (Collapse)AuthorFilesLines
9 daysLinux/FreeBSD: Prevent mounting volumes on system directories and PATH ↵Mounir IDRASSI1-1/+3
(CVE-2025-23021, reported by SivertPL @__tfr) Added security checks to prevent mounting VeraCrypt volumes on system directories (like /usr/bin) or directories in the user's PATH, which could theoretically allow execution of malicious binaries instead of legitimate system binaries. Key changes: - Block mounting on protected system directories (/usr, /bin, /lib, etc.) This restriction cannot be overridden - Block mounting on directories present in user's PATH environment variable This can be overridden with --allow-insecure-mount flag - Add visual warnings (red border, "[INSECURE MODE]") when mounting on PATH directories is allowed - Handle symlinks properly when checking paths - Add new error messages for blocked mount points To override PATH-based restrictions only (system directories remain protected): veracrypt --allow-insecure-mount [options] volume mountpoint Security Impact: Low to Medium The attack requires either: - User explicitly choosing a system directory as mount point instead of using VeraCrypt's default mount points - Or attacker having both filesystem access to modify favorites configuration AND knowledge of the volume password Default mount points are not affected by this vulnerability. Security: CVE-2025-23021
9 daysIncrement version to 1.26.18. Update copyright date. Update Release Notes. ↵Mounir IDRASSI1-1/+1
Update Windows drivers.
2023-07-24Linux/macOS: Remove TrueCrypt supportMounir IDRASSI1-2/+0
2023-06-01Fix issues launching fsck via terminal on Linux (#1086)Jertzukka1-0/+1
Currently on a system without xterm or konsole (like fresh Ubuntu install) the fsck check will not launch. Added gnome-terminal as an alternative and fixed an issue where konsole will always error out as --title and --caption are no longer valid arguments. Previously the error message was simply "xterm not found", so new LangString LINUX_EX2MSG_TERMINALNOTFOUND was added to let the user knows which programs they need to get the feature working.
2019-12-01UNIX: make sector size mismatch error more verbose (#552) (#561)alt3r 3go1-0/+1
Signed-off-by: alt3r 3go <alt3r.3go@protonmail.com>
2017-06-23Update IDRIX copyright yearMounir IDRASSI1-1/+1
2016-05-10Remove trailing whitespaceDavid Foerster1-1/+1
2016-05-10Normalize all line terminatorsDavid Foerster1-104/+104
2016-01-20Copyright: update dates to include 2016.Mounir IDRASSI1-1/+1
2015-08-06Update license information to reflect the use of a dual license Apache 2.0 ↵Mounir IDRASSI1-6/+10
and TrueCrypt 3.0.
2014-12-30Linux/MacOSX: Implement TrueCrypt conversion and loading support. Correct ↵Mounir IDRASSI1-1/+3
many GTK issues linked to multi-threaded origine of events by implementing an automatic mechanism for handling such requests in the main thread.
2014-11-08Change namespace from TrueCrypt to VeraCrypt. Rename method from Resources ↵Mounir IDRASSI1-1/+1
Resources::GetTrueCryptIcon to Resources::GetVeraCryptIcon.
2014-11-08Add original TrueCrypt 7.1a sourcesMounir IDRASSI1-0/+110