| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
(CVE-2025-23021, reported by SivertPL @__tfr)
Added security checks to prevent mounting VeraCrypt volumes on system directories (like /usr/bin) or directories in the user's PATH, which could theoretically allow execution of malicious binaries instead of legitimate system binaries.
Key changes:
- Block mounting on protected system directories (/usr, /bin, /lib, etc.)
This restriction cannot be overridden
- Block mounting on directories present in user's PATH environment variable
This can be overridden with --allow-insecure-mount flag
- Add visual warnings (red border, "[INSECURE MODE]") when mounting on PATH directories is allowed
- Handle symlinks properly when checking paths
- Add new error messages for blocked mount points
To override PATH-based restrictions only (system directories remain protected):
veracrypt --allow-insecure-mount [options] volume mountpoint
Security Impact: Low to Medium
The attack requires either:
- User explicitly choosing a system directory as mount point instead of using VeraCrypt's default mount points
- Or attacker having both filesystem access to modify favorites configuration AND knowledge of the volume password
Default mount points are not affected by this vulnerability.
Security: CVE-2025-23021
|
|
hijacking (CVE-2024-54187, collaboration with SivertPL @__tfr)
This commit fixes a critical security vulnerability where VeraCrypt could be tricked into executing malicious binaries with elevated privileges. The vulnerability has two severe implications:
1. When sudo's secure_path option is disabled, attackers could execute malicious binaries with root privileges by placing them in user-writable PATH directories (e.g., making "sudo mount" execute a malicious mount binary)
2. By placing a malicious sudo binary in PATH, attackers could intercept and steal the user's password when VeraCrypt prompts for sudo authentication
The vulnerability allowed attackers to place malicious binaries in user-writable directories that appear in PATH before system directories, potentially leading to privilege escalation and credential theft.
Key changes:
- Implement FindSystemBinary() to locate executables in secure system paths
- Replace all relative binary paths with absolute paths for system commands
- Add security checks for executable permissions
- Update process execution to use absolute paths for:
* sudo
* mount
* fsck
* terminal emulators
* file managers
* system utilities (hdiutil, mdconfig, vnconfig, lofiadm)
The fix ensures all system binaries are called using their absolute paths from secure system directories, preventing both privilege escalation through PATH manipulation and password theft through sudo hijacking.
Security: CVE-2024-54187
|
|
Update Windows drivers.
|
|
|
|
|
|
|
|
|
|
Currently on a system without xterm or konsole (like fresh
Ubuntu install) the fsck check will not launch. Added
gnome-terminal as an alternative and fixed an issue where
konsole will always error out as --title and --caption are
no longer valid arguments.
Previously the error message was simply "xterm not found", so
new LangString LINUX_EX2MSG_TERMINALNOTFOUND was added to let the
user knows which programs they need to get the feature working.
|
|
assert in libstdc++.
The variable has enough capacity so pointer &buffer[0] is valid but since clear method was called, we are not supposed to access element at index 0.
Related to Github issue #896
|
|
We query the kern.geom.conftxt sysctl for the GEOM configuration to find
the partition offset. Technically speaking it would probably be better
to link against libgeom but this is less overall intrusive. Also
includes a small fix to find the parent device of an encrypted partition
when it is a GPT partition rather than a BSD slice.
|
|
* OpenBSD: add basic support
modified: Build/Include/Makefile.inc
modified: Driver/Fuse/FuseService.cpp
modified: Main/FatalErrorHandler.cpp
modified: Makefile
modified: Platform/Unix/File.cpp
modified: Platform/Unix/FilesystemPath.cpp
modified: Platform/Unix/SystemInfo.cpp
* OpenBSD: some necessary files were missing
new file: Core/Unix/OpenBSD/CoreOpenBSD.cpp
new file: Core/Unix/OpenBSD/CoreOpenBSD.h
new file: Core/Unix/OpenBSD/System.h
|
|
compiler not optimizing calls to method Memory::Erase
|
|
implementation which is kept for compatibility with older compilers. We also introduce compatibility code for old compilers that don't define std::unique_ptr
|
|
possible undefined output value in UserPreferences::SetValue and missing initialization of member variables in File constructor
|
|
|
|
Signed-off-by: alt3r 3go <alt3r.3go@protonmail.com>
|
|
|
|
* Revert previous commit
* Fix "Invalid characters..." issue by not using "foreach" macro
The "foreach" macro creates a copy of the container.
This copy is destroyed immediately after the iteration is completed.
C-strings pointers passed to the local array were invalidated
with destroying of "std::string"s contained in the copy.
|
|
|
|
Starting with glibc 2.26, macros "major" and "minor" are only
available from <sys/sysmacros.h> [0]. The build fails with the
following without including this header:
Unix/FilesystemPath.cpp:84:49: error: ‘major’ was not declared in this scope
Unix/FilesystemPath.cpp:84:113: error: ‘minor’ was not declared in this scope
[0] https://sourceware.org/ml/libc-alpha/2017-02/msg00079.html
|
|
|
|
|
|
|
|
uses SSE.
|
|
|
|
|
|
It was caused by an issue of gcc-5 STL implementation that is causing char* pointers retrieved from std::string using c_str method to become invalid in the child of a child process (after two fork calls). The workaround is to first copy the std:string values in the child before calling the second fork.
|
|
|
|
parameters in GUI more robust.
|
|
and TrueCrypt 3.0.
|
|
|
|
many GTK issues linked to multi-threaded origine of events by implementing an automatic mechanism for handling such requests in the main thread.
|
|
Resources::GetTrueCryptIcon to Resources::GetVeraCryptIcon.
|
|
|
|
|
|
|
|
|
