Geli · Geli · CVE-2023-0751
**Name of the Vulnerable Software and Affected Versions**
GELI (affected versions not specified)
**Description**
The issue arises when GELI reads a key file from standard input and does not reuse it to initialize multiple providers simultaneously. As a result, subsequent devices use a NULL key as the user key file. If a user relies solely on a key file without a user passphrase, the master key is encrypted with an empty key file, allowing for trivial recovery of the master key.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.