Researchers at the Polytechnic University of Valencia have figured out that many versions of Linux have a security flaw that allows users to bypass system security by pressing Backspace 28 times.
Image via Shutterstock
Two researchers in the Cybersecurity Group within the university were looking into ways you could cause a memory error from the password screen. The only method that could be manipulated by the user with common inputs was the Backspace method, which causes the system to revert to its “Grub rescue shell”. This grants the user access to all the data on the machine, to do with whatever they wish, as well as allowing new installations.
Any system using the Grub2 bootloader is vulnerable, and that means a lot of systems. Thankfully, Motherboard reports that Ubuntu, Red Hat, and Debian have already patched this out. If you’re not on one of those however, you have reason to be a little worried — especially if other people may have physical access to your computer.
If that’s you, you’re in luck. In addition to publishing a more detailed report, the researchers also made an emergency patch which you can download right now from here.
Comments
4 responses to “Newly Discovered Linux Bug Grants Access After Hitting Backspace 28 Times”
What if your password has 28 backspaces in it?
Then you are a genius.
Then it’s a bad password and should be changed to something more secure.
Unicode characters?
Σฃ€☺£…