MEDIUM
Cryptsetup Project
CVE published 2017-01-23
CVE-2016-4484
CVE-2016-4484 is a Debian initrd issue in cryptsetup 2:1.7.3-2 and earlier where repeated invalid password attempts can lead to shell access. The practical risk is strongest on systems with local physical exposure, such as unattended devices or machines where an attacker can interact with the boot process.