[rjmalagon]

It is a fixed bug. Your target needs to be an outdated Linux distro.

In a current one or patched one, is more likely to have a non-vulnerable LUKS2 volume that you can not downgrade to a vulnerable one, or a kernel and userspace tools non-vulnerable to the metadata manipulation even for a LUKS1 volume.

I concede the plausible scenario of replacing the kernel to a vulnerable one, if you ha access to the drive (by external OS boot or get the hardware) and replacing the kernel on the usually unencrypted boot partition along modifying the LUKS2 metadata of the encrypted volume. Not a quick local or remote feat to do. Not doable on an encrypted boot volume or signed boot files (secure boot thingy). Sincerely, if you have that kind of access, it is easier to modify the initramfs file to grab the LUKS key.

[pmontra]

Not so outdated. No Ubuntu version has the fix up to now. They think 18.04 is not affected [1]

  Ubuntu 21.10   Needed
  Ubuntu 21.04   Ignored (reached end-of-life)
  Ubuntu 20.04   Needed
  Ubuntu 18.04   Not vulnerable (code not present) 

[1] https://ubuntu.com/security/CVE-2021-4122

[rjmalagon]

Yup, Ubuntu is ongoing in this. Debian is in a better shape.