CVE-2026-32606: CWE-522: Insufficiently Protected Credentials in lxc incus-os
IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the system's owner or any tampering of Secure Boot state or kernel (UKI) boot image. That's because in this configuration, the LUKS key is made available by the TPM so long as the system has the expected PCR7 value and the PCR11 policy matches. That default PCR11 policy importantly allows for the TPM to release the key to the booted system rather than just from the initrd part of the signed kernel image (UKI). The attack relies on the attacker being able to substitute the original encrypted root partition for one that they control. By doing so, the system will prompt for a recovery key on boot, which the attacker has defined and can provide, before booting the system using the attacker's root partition rather than the system's original one. The attacker only needs to put a systemd unit starting on system boot within their root partition to have the system run that logic on boot. That unit will then run in an environment where the TPM will allow for the retrieval of the encryption key of the real root disk, allowing the attacker to steal the LUKS volume key (immutable master key) and then use it against the real root disk, altering it or getting data out before putting the disk back the way it was and returning the system without a trace of this attack having happened. This is all possible because the system will have still booted with Secure Boot enabled, will have measured and ran the expected bootloader and kernel image (UKI). The initrd selects the root disk based on GPT partition identifiers making it possible to easily substitute the real root disk for an attacker controlled one. This doesn't lead to any change in the TPM state and therefore allows for retrieval of the LUKS key by the attacker through a boot time systemd unit on their alternative root partition. IncusOS version 202603142010 (2026/03/14 20:10 UTC) includes the new PCR15 logic and will automatically update the TPM policy on boot. Anyone suspecting that their system may have been physically accessed while shut down should perform a full system wipe and reinstallation as only that will rotate the LUKS volume key and prevent subsequent access to the encrypted data should the system have been previously compromised. There are no known workarounds other than updating to a version with corrected logic which will automatically rebind the LUKS keys to the new set of TPM registers and prevent this from being exploited.
AI Analysis
Technical Summary
CVE-2026-32606 is a vulnerability in IncusOS, an immutable OS image designed to run Incus, affecting versions prior to 202603142010. The root cause lies in the default configuration of systemd-cryptenroll used via mkosi, which configures the TPM to release the LUKS encryption key based on PCR7 and PCR11 values. Critically, the PCR11 policy allows the TPM to release the key to the fully booted system rather than restricting it to the initrd phase of the signed kernel image (UKI). This misconfiguration enables an attacker with physical access to the machine to perform a root partition substitution attack. By replacing the original encrypted root partition with one controlled by the attacker, the system prompts for a recovery key at boot, which the attacker can supply. The system then boots from the attacker's root partition, which can include a systemd unit configured to run at startup. This unit operates in an environment where the TPM releases the encryption key for the real root disk, allowing the attacker to extract the immutable LUKS master key. With this key, the attacker can decrypt, modify, or exfiltrate data from the original root disk before restoring it to avoid detection. The attack does not require tampering with Secure Boot or the TPM state, as the bootloader and kernel measurements remain valid. The vulnerability exploits the GPT partition identifier-based root disk selection, facilitating the root partition swap. The patched IncusOS version 202603142010 introduces new PCR15 logic that updates TPM policies to bind keys more securely, preventing this attack vector. Because the LUKS key is immutable and not rotated automatically, any system suspected of physical compromise must undergo a full wipe and reinstallation to rotate keys and secure data. No alternative mitigations or workarounds are available besides updating to the fixed version.
Potential Impact
This vulnerability poses a significant risk to the confidentiality, integrity, and availability of data on affected IncusOS systems. An attacker with physical access can bypass encryption protections without alerting the system owner or triggering Secure Boot or TPM state changes. By extracting the immutable LUKS volume key, the attacker gains full access to encrypted data, enabling data theft, unauthorized modification, or persistent backdoors. The stealthy nature of the attack, which leaves no trace after restoring the original root disk, complicates forensic detection and incident response. Organizations relying on IncusOS for secure, encrypted environments—especially in sensitive or high-security contexts—face potential data breaches and system compromise. The requirement for physical access limits remote exploitation but elevates risk in environments where devices may be physically accessible to adversaries, such as data centers, edge deployments, or shared facilities. The lack of known exploits in the wild currently reduces immediate threat but the high CVSS score (7.7) and ease of exploitation with physical access make timely patching critical to prevent future attacks.
Mitigation Recommendations
The primary mitigation is to upgrade all affected IncusOS systems to version 202603142010 or later, which includes the corrected TPM PCR15 policy logic that securely binds LUKS keys and prevents this attack. Organizations should implement strict physical security controls to prevent unauthorized access to systems, including locked server rooms, surveillance, and tamper-evident seals. For systems suspected of physical compromise, a full system wipe and reinstallation is mandatory to rotate the LUKS volume key and eliminate any attacker persistence. Administrators should audit boot configurations and GPT partition identifiers to detect unauthorized root partition substitutions. Implementing monitoring for unexpected systemd units or unusual boot-time behaviors can help detect exploitation attempts. Additionally, consider integrating hardware security modules or enhanced TPM configurations that restrict key release policies more tightly. Regularly review and update system images and cryptographic policies to align with best practices. Finally, maintain an incident response plan that includes procedures for physical compromise scenarios and key rotation.
Affected Countries
United States, Germany, France, United Kingdom, Japan, South Korea, Canada, Australia, Netherlands, Sweden
CVE-2026-32606: CWE-522: Insufficiently Protected Credentials in lxc incus-os
Description
IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the system's owner or any tampering of Secure Boot state or kernel (UKI) boot image. That's because in this configuration, the LUKS key is made available by the TPM so long as the system has the expected PCR7 value and the PCR11 policy matches. That default PCR11 policy importantly allows for the TPM to release the key to the booted system rather than just from the initrd part of the signed kernel image (UKI). The attack relies on the attacker being able to substitute the original encrypted root partition for one that they control. By doing so, the system will prompt for a recovery key on boot, which the attacker has defined and can provide, before booting the system using the attacker's root partition rather than the system's original one. The attacker only needs to put a systemd unit starting on system boot within their root partition to have the system run that logic on boot. That unit will then run in an environment where the TPM will allow for the retrieval of the encryption key of the real root disk, allowing the attacker to steal the LUKS volume key (immutable master key) and then use it against the real root disk, altering it or getting data out before putting the disk back the way it was and returning the system without a trace of this attack having happened. This is all possible because the system will have still booted with Secure Boot enabled, will have measured and ran the expected bootloader and kernel image (UKI). The initrd selects the root disk based on GPT partition identifiers making it possible to easily substitute the real root disk for an attacker controlled one. This doesn't lead to any change in the TPM state and therefore allows for retrieval of the LUKS key by the attacker through a boot time systemd unit on their alternative root partition. IncusOS version 202603142010 (2026/03/14 20:10 UTC) includes the new PCR15 logic and will automatically update the TPM policy on boot. Anyone suspecting that their system may have been physically accessed while shut down should perform a full system wipe and reinstallation as only that will rotate the LUKS volume key and prevent subsequent access to the encrypted data should the system have been previously compromised. There are no known workarounds other than updating to a version with corrected logic which will automatically rebind the LUKS keys to the new set of TPM registers and prevent this from being exploited.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-32606 is a vulnerability in IncusOS, an immutable OS image designed to run Incus, affecting versions prior to 202603142010. The root cause lies in the default configuration of systemd-cryptenroll used via mkosi, which configures the TPM to release the LUKS encryption key based on PCR7 and PCR11 values. Critically, the PCR11 policy allows the TPM to release the key to the fully booted system rather than restricting it to the initrd phase of the signed kernel image (UKI). This misconfiguration enables an attacker with physical access to the machine to perform a root partition substitution attack. By replacing the original encrypted root partition with one controlled by the attacker, the system prompts for a recovery key at boot, which the attacker can supply. The system then boots from the attacker's root partition, which can include a systemd unit configured to run at startup. This unit operates in an environment where the TPM releases the encryption key for the real root disk, allowing the attacker to extract the immutable LUKS master key. With this key, the attacker can decrypt, modify, or exfiltrate data from the original root disk before restoring it to avoid detection. The attack does not require tampering with Secure Boot or the TPM state, as the bootloader and kernel measurements remain valid. The vulnerability exploits the GPT partition identifier-based root disk selection, facilitating the root partition swap. The patched IncusOS version 202603142010 introduces new PCR15 logic that updates TPM policies to bind keys more securely, preventing this attack vector. Because the LUKS key is immutable and not rotated automatically, any system suspected of physical compromise must undergo a full wipe and reinstallation to rotate keys and secure data. No alternative mitigations or workarounds are available besides updating to the fixed version.
Potential Impact
This vulnerability poses a significant risk to the confidentiality, integrity, and availability of data on affected IncusOS systems. An attacker with physical access can bypass encryption protections without alerting the system owner or triggering Secure Boot or TPM state changes. By extracting the immutable LUKS volume key, the attacker gains full access to encrypted data, enabling data theft, unauthorized modification, or persistent backdoors. The stealthy nature of the attack, which leaves no trace after restoring the original root disk, complicates forensic detection and incident response. Organizations relying on IncusOS for secure, encrypted environments—especially in sensitive or high-security contexts—face potential data breaches and system compromise. The requirement for physical access limits remote exploitation but elevates risk in environments where devices may be physically accessible to adversaries, such as data centers, edge deployments, or shared facilities. The lack of known exploits in the wild currently reduces immediate threat but the high CVSS score (7.7) and ease of exploitation with physical access make timely patching critical to prevent future attacks.
Mitigation Recommendations
The primary mitigation is to upgrade all affected IncusOS systems to version 202603142010 or later, which includes the corrected TPM PCR15 policy logic that securely binds LUKS keys and prevents this attack. Organizations should implement strict physical security controls to prevent unauthorized access to systems, including locked server rooms, surveillance, and tamper-evident seals. For systems suspected of physical compromise, a full system wipe and reinstallation is mandatory to rotate the LUKS volume key and eliminate any attacker persistence. Administrators should audit boot configurations and GPT partition identifiers to detect unauthorized root partition substitutions. Implementing monitoring for unexpected systemd units or unusual boot-time behaviors can help detect exploitation attempts. Additionally, consider integrating hardware security modules or enhanced TPM configurations that restrict key release policies more tightly. Regularly review and update system images and cryptographic policies to align with best practices. Finally, maintain an incident response plan that includes procedures for physical compromise scenarios and key rotation.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-03-12T14:54:24.270Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 69bacf27771bdb1749ad833f
Added to database: 3/18/2026, 4:13:27 PM
Last enriched: 3/18/2026, 4:27:40 PM
Last updated: 5/2/2026, 9:22:53 AM
Views: 116
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.