Researchers from Spain's Polytechnic University of Valencia have found a flaw that enables attackers to obtain root shell on affected Linux systems. The researchers confirmed the vulnerability, CVE-2016-4484, is present and exploitable on Debian, Ubuntu, and Fedora, but it is possible many derived distributions also feature it. The vulnerability is found in the default configuration of Cryptsetup, which is used in those systems to set up cryptographic volumes. The flaw also arises from how these operating systems implement the Linux Unified Key Setup standard for hard disk encryption.
"This vulnerability is specially serious in environments like libraries, ATMs, airport machines, labs, etc., where the whole boot process is protected and we only have a keyboard and/or a mouse," the researchers warn.
The vulnerability appears only if the user encrypted the system partition when installing the OS or did it afterwards. An attacker with access to the vulnerable system can gain root shell by rebooting the computer and pressing and holding the Enter key when they are prompted for the password for unlocking the system partition. The hacker then can access all unencrypted partitions, get information stored on all disks, delete it, or modify it, and insert executable files in the boot partition. The researchers note the flaw can be fixed by editing the cryptroot file.
From Help Net Security
View Full Article
Abstracts Copyright © 2016 Information Inc., Bethesda, Maryland, USA