You Can Hack Into a Linux System by Pressing Backspace 28 Times. Here’s How to Fix It

Grub Vulnerability : You can Hack into a Linux PC/laptop just by pressing ‘Backspace’ 28 times

Most of us swear by Linux as a super secure operating system but two security researchers from Spain have discovered a unique vulnerability in Linux which could give even a noob access to a Linux powered PC.

Here’s How to Exploit the Linux Vulnerability

If your computer system is vulnerable to this bug:
Just hit the backspace key 28 times at the Grub username prompt during power-up. This will open a “Grub rescue shell” under Grub2 versions 1.98 to version 2.02.
This rescue shell allows unauthenticated access to a computer and the ability to load another environment.
From this shell, any potential attacker could gain access to all the data on a Linux computer, and can misuse it to steal or delete all the data, or install persistent malware or rootkit, according to researchers Ismael Ripoll and Hector Marco, who published their research on Tuesday.
According to Ripoll and Marco, the Grub vulnerability affects Linux systems from December 2009 to the present date. They have stated that even some older Linux PCs may be affected by this bug.

Patch

The good news is the researchers have made an emergency patch to fix the Grub2 vulnerability. So if you are a Linux user and worried your system might be vulnerable, you can apply this emergency patch, available here.
Meanwhile, many major distributions, including Ubuntu, Red Hat, and Debian have also released emergency patches to fix the issue.

7 COMMENTS

  1. I can just imagine how this was discovered. Perhaps out of pure boredom, or maybe frustration, someone taps the backspace button 28 times while a computer is booting up? LOL. And would a hacker really have tried that?

LEAVE A REPLY

Please enter your comment!
Please enter your name here