A new vulnerability has just surfaced that can compromise your Linux system by pressing the Enter key. The issue is available within the Linux Unified Key Setup (LUKS), majorly affecting Debian & Fedora & Ubuntu (Ubuntu is Debian Based) platforms.
Tracked as CVE-2016-4484, the LUKS vulnerability is discovered by Spanish security researcher Hector Marco. It makes the systems vulnerable if there is an encrypted system partition and provides access to root initramfs shell due to an error in the Cryptsetup utility.
Attackers need to hold down the Enter key for around 70 seconds to skip their repeated password prompts on the system and ultimately gain access to the shell.
This vulnerability allows to obtain a root initramfs shell on affected systems. The vulnerability is very reliable because it doesn’t depend on specific systems or configurations, Marco and his colleague and co-researcher Ismael Ripoll wrote in a detailed report.
Using the security hole, the attackers can copy, modify and destroy the hard disk on your system as well as establish a network to even “exfiltrate” data. The issue is mainly severe if the entire boot process is protected. In other words, if you have password protection in BIOS and GRUB.
Notably, not only Linux desktops but also cloud environments can be remotely exploited the vulnerability.
An attacker with access to the console of the computer and with the ability to reboot the computer can launch a shell (with root permissions) when he/she is prompted for the password to unlock the system partition, the researchers explained.
You can fix the issue on your Linux device by disabling its boot sequence when several password guesses are implemented. Also, a panic function can be created to prevent console access. Various Linux-backed Debian distributions have already received the bugfix to patch the serious LUKS vulnerability. However, Canonical is yet to release a similar fix for its Ubuntu platform.
85 total views, 2 views today