Researchers last week revealed a zero-day flaw that lets attackers take over a Linux system by pressing the backspace key repeatedly. Pressing backspace 17 to 20 times will overwrite the highest byte of the return address of the grub_memset() function, ultimately causing a reboot by redirecting control flow to the 0x00eb53e8 address, according to the Cybersecurity Group at the Universitat Politecnica de Valencia. The flaw is in Grub v 1.98 and later. Grub is the bootloader used by most Linux systems, including some embedded systems.
There's been a lot made of this in the media as there always is when it's a Linux vulnerability, but this needs to be seen in context.
This flaw can only be used to attack a system if the attacker has "hands-on" access to the computer. It cannot be used remotely.
Any computer, regardless of OS, is vulnerable if someone gets physical access. I've demonstrated this point time after time by booting up on external media and getting access to the existing OS.
Any Linux OS can do this. Most "recovery" disks or sticks use Linux to do exactly this.
It's something that needed fixing but frankly the "Zero-Day Attack" headlines are way over the top in my opinion.
Backspace Flaw Enables Linux Zero-Day Attack
Posted by: Richard Adhikari December 28, 2015 11:20 AM