Both cryptoloop and dm-crypt are reported prone to an information disclosure vulnerability. Reports indicate that certain watermarked files may be detected on a filesystem that is encrypted using the affected loop device encryption schemes. It should be noted that a successful attack would reveal the presence of a watermarked file but not the file contents. The following exploit is available: # /data/vulnerabilities/exploits/cryptoloop-exploit.tar.bz2
Closing as upstream - this seems to be a bad implementation of AES for cryptoloop in general rather than a specific issue relating to some code so upstream will have to remove it/fix it.