Linux vulnerability lets anyone log-in into comp by tapping backspace 28 timeshttps://indianexpress.com/article/technology/tech-news-technology/linux-vulnerability-lets-anyone-log-in-into-comp-by-tapping-backspace-28-times/

Linux vulnerability lets anyone log-in into comp by tapping backspace 28 times

Linux has serious vulnerability in its GRUB bootloader which could allow hackers to access a locked computer by just typing the backspace key 28 times.

Linux, Linux vulnerability, Linux backspace hacking, Linux Grub boot-loader, Linux boot-loader, Linux problem, Linux issue, technology, technology news
Linux has serious flaw in its Grub bootloader which could let hackers access a locked machine.

Linux has a serious vulnerability in its GRUB bootloader which could allow hackers to access a locked computer by just typing the backspace key 28 times.

The issue was first reported by two researchers Hector Marco and Ismael Ripoll from the Cybersecurity Group at the Universitat Politècnica de València, according to a report on PCWorld. The researchers have put up the full details of the potential flaw in the Linux system here.

According to the PCWorld report, GRUB (Grand Unified Bootloader) is used by most Linux distributions, has a password feature that can restrict boot entries. The protection is important especially in organisations that are using Linux.

Dell admits security issues in its laptops makes them vulnerable to hackers

Advertising

The researchers showed that by pressing the backspace key 28 times, hackers can bypass the need to put in a password or username and gain access.

According to the researchers, the bug is in the code of Grub since version 1.98 (December, 2009) affecting loader versions till December 2015.

Hackers who successfully exploit this can get access to a Grub rescue shell, a very powerful shell which can give them “full access to the grub’s console.”

Researchers also says hackers can load malware from a USB, copy the full disk or even launch a denial of service attack by destroying any data, including the grub. Attackers can overwrite the disk, causing denial of service.

The researchers have created an emergency patch in order to fix the issue.