A serious vulnerability has been discovered in Linux GRUB bootloader, which allows one to enter any locked computer just by pressing the backspace key 28 times. The vulnerability was firs highlighted by researchers Hector Marco and Ismael Ripoll from the Cybersecurity Group at the Universitat Politècnica de València. According to a PCWorld report, the researchers have shared complete details about the potential vulnerability in the Linux system.
According to the PCWorld report, GRUB (Grand Unified Bootloader) is used by most Linux distributions, has a password feature that can restrict boot entries. The protection is important especially in organisations that are using Linux.
The researchers showed that by pressing the backspace key 28 times, hackers can bypass the need to put in a password or username and gain access.
According to the researchers, the bug is in the code of Grub since version 1.98 (December, 2009) affecting loader versions till December 2015.
Researchers shared that “To quickly check if your system is vulnerable, when the Grub ask you the username, press the Backspace 28 times. If your machine reboots or you get a rescue shell then your Grub is affected. ”
While discussing the issue, the researchers shared that “The successfully exploitation of the vulnerability has been possible because we made a very deep analysis of all components involved in this bug. The successful exploitation depends on many things: the BIOS version, the GRUB version, the amount of RAM, and whatever that modifies the memory layout. And each system requires a deep analysis to build the specific exploit. ” The researchers have also created an emergency patch to fix the issue.
The author is senior assistant editor at EFY.