CVE-2025-58356 | edgelesssys constellation up to 2.23.x libcryptsetup crypt_activate_by_passhrase signature verification (GHSA-hq76-6gh2-5g4q)

A vulnerability has been found in edgelesssys constellation up to 2.23.x and classified as problematic. This vulnerability affects the function crypt_activate_by_passhrase of the component libcryptsetup. The manipulation leads to improper verification of cryptographic signature.

This vulnerability is traded as CVE-2025-58356. An attack has to be approached locally. There is no exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More