CVE-2025-59054 is a high-severity vulnerability affecting versions of the dstack SDK prior to 0.5.4. dstack is a software development kit designed to facilitate the deployment of containerized applications into trusted execution environments (TEEs). The vulnerability arises from the way dstack handles LUKS2 encrypted data volumes used as the `/data` mount within a containerized virtual machine (CVM). Specifically, a malicious host can supply a crafted LUKS2 volume that exploits the lack of authentication in LUKS2 volume metadata and the support for null key-encryption algorithms. This allows the attacker to create a volume that opens without error using any passphrase or token, records all writes in plaintext or ciphertext with an attacker-known key, and can preload arbitrary data. Consequently, secret data written by the guest, including sensitive Wireguard keys and other confidential information, can be disclosed to the attacker. Additionally, preloading data on the device can potentially compromise the integrity of guest execution. The root cause is the unauthenticated LUKS2 metadata combined with the ability to use null encryption keys, which undermines the confidentiality and integrity guarantees expected from the encrypted volume. The vulnerability does not require authentication or user interaction and can be exploited remotely by a malicious host controlling the volume. The vendor addressed this issue in dstack version 0.5.4 by patching the handling of LUKS headers to prevent such attacks. The CVSS 4.0 base score is 8.5 (high), reflecting the significant confidentiality and integrity impacts with relatively low attack complexity and no privileges or user interaction required.

For European organizations, this vulnerability poses a serious risk to the confidentiality and integrity of sensitive data processed within containerized applications deployed via dstack in trusted execution environments. Wireguard keys and other secret credentials exposed through this flaw could lead to unauthorized network access, lateral movement, and data exfiltration. The ability to preload arbitrary data on the device further risks execution of malicious code or manipulation of application behavior, potentially leading to broader system compromise. Organizations relying on dstack for secure container deployment in sectors such as finance, healthcare, and critical infrastructure could face regulatory and operational impacts due to data breaches or service disruptions. Given the nature of TEEs as a security boundary, this vulnerability undermines trust in the isolation guarantees, which could have cascading effects on compliance with European data protection regulations like GDPR. The lack of known exploits in the wild currently reduces immediate risk, but the high severity and ease of exploitation by a malicious host warrant urgent attention.

European organizations using dstack should immediately upgrade to version 0.5.4 or later, which contains the patch addressing the LUKS header handling vulnerability. Until upgrade, organizations should avoid mounting untrusted or externally provided LUKS2 volumes as `/data` within dstack CVMs. Implement strict validation and integrity checks on any encrypted volumes before use, including verifying cryptographic metadata authenticity outside of dstack. Network segmentation and host hardening should be employed to limit the ability of potentially malicious hosts to supply crafted volumes. Monitoring for anomalous access patterns or unexpected volume mounts can help detect exploitation attempts. Additionally, organizations should review and rotate any Wireguard keys or other secrets that may have been exposed due to this vulnerability. Incorporating hardware-based attestation and secure boot mechanisms for the host environment can further reduce the risk of malicious volume injection. Finally, security teams should maintain awareness of any emerging exploits or patches related to this CVE.