Premium
This is an archive article published on December 21, 2015

Linux vulnerability lets anyone log-in into comp by tapping backspace 28 times

Linux has serious vulnerability in its GRUB bootloader which could allow hackers to access a locked computer by just typing the backspace key 28 times.

google-preferred-btn
Linux, Linux vulnerability, Linux backspace hacking, Linux Grub boot-loader, Linux boot-loader, Linux problem, Linux issue, technology, technology news Linux has serious flaw in its Grub bootloader which could let hackers access a locked machine.

Linux has a serious vulnerability in its GRUB bootloader which could allow hackers to access a locked computer by just typing the backspace key 28 times.

The issue was first reported by two researchers Hector Marco and Ismael Ripoll from the Cybersecurity Group at the Universitat Politècnica de València, according to a report on PCWorld. The researchers have put up the full details of the potential flaw in the Linux system here.

According to the PCWorld report, GRUB (Grand Unified Bootloader) is used by most Linux distributions, has a password feature that can restrict boot entries. The protection is important especially in organisations that are using Linux.

Story continues below this ad

Dell admits security issues in its laptops makes them vulnerable to hackers

The researchers showed that by pressing the backspace key 28 times, hackers can bypass the need to put in a password or username and gain access.

According to the researchers, the bug is in the code of Grub since version 1.98 (December, 2009) affecting loader versions till December 2015.

Hackers who successfully exploit this can get access to a Grub rescue shell, a very powerful shell which can give them “full access to the grub’s console.”

Story continues below this ad

Researchers also says hackers can load malware from a USB, copy the full disk or even launch a denial of service attack by destroying any data, including the grub. Attackers can overwrite the disk, causing denial of service.

The researchers have created an emergency patch in order to fix the issue.

© IE Online Media Services Pvt Ltd
Latest Comment
Post Comment
Read Comments
Advertisement

You May Like

Express shorts
who is nupur bora?, assam land scam, assam acs officer arrested, nupur bora case, assam vigilance raid, nupur bora arrest, barpeta land transfer, assam civil service officer, land transfer to muslims, assam corruption case, nupur bora raid
Who is Nupur Bora? Assam bureaucrat raided, Rs 92 lakh cash and gold found
India54 min ago

Assam CM's Special Vigilance Cell raided 4 locations linked to ACS officer Nupur Bora, recovering Rs 92 lakh cash and gold jewellery. Bora, 36, is being investigated for profiting from sale of land owned by Hindus to Muslims. Her social media profile portrays a normal life, but also includes posts about her work and a connection to the case.

View all shorts
Live Blog
Top Stories
Chaitanya Baghel
Chhattisgarh liquor ‘scam’ED says ‘syndicate apex’ Chaitanya Baghel handled Rs 1,000 crore of proceeds
Anurag Kashyap meets Anti CAA protestors at Nagpada. Express Photo by Nirmal Harindran..
EntertainmentAnurag Kashyap 'got a message' from people behind major Bollywood hit, was told to keep his 'genuine praise' for the film to himself: 'My jaw dropped'
google gemini ai nano banana saree trend
TrendingNano Banana AI saree trend turns controversial: Instagram user claims Google Gemini’s tool revealed private details
Bangladesh vs Afghanistan Live Asia Cup
SportsBangladesh vs Afghanistan LIVE Cricket Score, Asia Cup 2025
The Court has temporarily stayed Section 3(r) of the Act till rules to determine who is a practising Muslim for five years are framed.
OpinionSC's interim order offers no relief from several problematic provisions of Waqf law
Advertisement