The "cryptsetup initrd root shell" vulnerability

Hector Marco and Ismael Ripoll reporta discouraging vulnerability in many encrypted disk setups: simply runningup too many password failures will eventually result in a root shell."This vulnerability allows to obtain a root initramfs shell onaffected systems. The vulnerability is very reliable because it doesn'tdepend on specific systems or configurations. Attackers can copy, modify ordestroy the hard disc as well as set up the network to exfiltratedata. This vulnerability is specially serious in environments likelibraries, ATMs, airport machines, labs, etc, where the whole boot processis protect (password in BIOS and GRUB) and we only have a keyboard or/and amouse."