Security Vulnerability Leaves Linux Users Exposed
With all of the recent breaches at retailers, cloud service providers, and credit card companies, you would be forgiven for believing that your data was safer on your computer at home. But if you are one of the millions of people running many of the most common distributions of Linux, you would be wrong. An overlooked security vulnerability in a 20-year-old piece of software has allowed potentially untold numbers of computers and servers to be exposed to hackers.
GNU GRUB, commonly known as grub2, is a bootloader that is used by the majority of popular Linux distributions, including Ubuntu, Mint, and Fedora, as well as several non-Linux operating systems, including editions of Solaris and BSD. A bootloader, for those not in the know, is a small program which runs after a computer has finished its power-on self-tests and which loads the actual operating system for the user.
The newly uncovered bug is a pretty major and fairly obvious one to have gone unnoticed for so many years. After the computer boots up, a hacker sitting at the keyboard need only type 28 characters to gain nearly unlimited access to a vulnerable system, and that character is the humble backspace. Pressing the backspace key 28 times in a row will cause the computer to crash and reboot. But instead of booting up normally, you are whisked to what is known as the “Grub rescue shell”, which is a small recovery program for the bootloader. From here a hacker can gain full access to your data, install viruses or other malware, or simply delete the contents of the machine. It's a very serious security vulnerability, made more serious by the fact that untold millions of computers are affected.
The problem is known as a buffer overflow, and it is one of the most common and perhaps the best understood of computer hacks. Because it is so common and so well understood, it is surprising that a security vulnerability like this one could have gone unnoticed for so long. A buffer overflow works by writing data so that it “overflows” the area it has been allotted and overwrites the adjacent memory. There are a number of ways to prevent these attacks: address space layout randomization (ASLR), bounds checking, and canaries can all protect users.
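To make the bounds-checking point concrete, here is an added example (not GRUB's code and not from the original article): a toy input field in C whose backspace handler is shown once without and once with a bounds check. The structure, the function names, and the idea that the field sits directly after 32 bytes of neighbouring data are all assumptions made for the illustration.

```c
#include <stdio.h>
#include <string.h>

#define GUARD   32   /* constructed stand-in for memory sitting next to the buffer */
#define BUF_LEN 16   /* space actually allotted to the typed input */

struct field {
    unsigned char mem[GUARD + BUF_LEN]; /* neighbouring bytes, then the input buffer */
    int cur;                            /* cursor position relative to the buffer start */
};

/* No bounds check: backspace at column 0 still moves left and clears a byte. */
static void key_unchecked(struct field *f, char key) {
    if (key == '\b') { f->cur--; f->mem[GUARD + f->cur] = 0; }
    else             { f->mem[GUARD + f->cur] = (unsigned char)key; f->cur++; }
}

/* Bounds checked: the cursor can never leave [0, BUF_LEN - 1]. */
static void key_checked(struct field *f, char key) {
    if (key == '\b') {
        if (f->cur == 0) return;              /* nothing left to erase */
        f->cur--; f->mem[GUARD + f->cur] = 0;
    } else {
        if (f->cur >= BUF_LEN - 1) return;    /* keep room for the terminator */
        f->mem[GUARD + f->cur] = (unsigned char)key; f->cur++;
    }
}

/* Press backspace n times (n <= GUARD in this demo) and count damaged neighbours. */
static int damaged_after_backspaces(int checked, int n) {
    struct field f;
    int hits = 0;
    memset(f.mem, 0xAA, GUARD);               /* known pattern in adjacent memory */
    memset(f.mem + GUARD, 0, BUF_LEN);
    f.cur = 0;
    for (int i = 0; i < n; i++) {
        if (checked) key_checked(&f, '\b');
        else         key_unchecked(&f, '\b');
    }
    for (int i = 0; i < GUARD; i++)
        if (f.mem[i] != 0xAA) hits++;
    return hits;
}

int main(void) {
    printf("unchecked: %d neighbouring bytes overwritten\n", damaged_after_backspaces(0, 28));
    printf("checked:   %d neighbouring bytes overwritten\n", damaged_after_backspaces(1, 28));
    return 0;
}
```

With the single `if (f->cur == 0) return;` check in place, the same 28 keystrokes leave the neighbouring bytes untouched.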
All of the major vendors including Canonical and Red Hat have already supplied fixes for the bug. We encourage everyone who is affected to apply those patches as soon as possible. For more information about the security vulnerability itself, look here. And check out Vice for more on this story.