Canonical Company corrective release of the installer , which is used by default for installing Ubuntu Server since the 18.04 release when installing in live mode. Fixed in the new release () caused by saving in the log the password set by the user to access the encrypted LUKS partition created during installation. Updates with the elimination of the vulnerability have not yet been published, but the new version of Subiquity with the fix in the Snap Store directory, from which the installer can be updated when booting in Live mode, at a stage before the installation of the system begins.
The password for the encrypted partition is stored in cleartext in the autoinstall-user-data, curtin-install-cfg.yaml, curtin-install.log, installer-journal.txt, and subiquity-curtin-install.conf files, which are saved after installation in the / directory var/log/installer. In configurations where the /var partition is not encrypted, if the system falls into the wrong hands, the password for the encrypted partitions can be extracted from these files, which negates the use of encryption.
Source: opennet.ru