
High-risk Linux vulnerability: press the Enter key for 70 seconds to obtain root privileges

via: 博客园     time: 2016/11/17 19:00:47

Through a vulnerability (CVE-2016-4484), an attacker can get a root initramfs shell by pressing the Enter key for 70 seconds and use it to destroy Linux boxes. The vulnerability exists in the Linux Unified Key Setup (LUKS) implementation used by popular Linux variants. By accessing the shell, an attacker can decrypt the Linux machine. The attack also applies to virtual Linux boxes in the cloud.

The vulnerability affects Ubuntu, Fedora, Debian and many other Linux distributions.


The problem was discovered by Hector Marco, a lecturer at the University of the West of Scotland, and Ismael Ripoll, an assistant professor at Valencia Polytechnic University. They said the problem does not require any special system settings, and gave the following analysis of the vulnerability:

The vulnerability allows access to a root initramfs shell on the affected system. The vulnerability is very reliable because it does not depend on a particular system or configuration.

An attacker can copy, modify, or destroy a hard disk. The impact is particularly serious in environments such as libraries, ATMs, airport machines and laboratories.

The vulnerability has now been fixed, and Marco and Ripoll have developed a set of tools for resisting attacks. However, the possibility of forgery during the repair period cannot be ruled out.

How to fix the 70-second Linux root shell hack?

You need to check whether your partition is encrypted with LUKS. To check, run the following command:

dmsetup status | awk 'BEGIN {FS=":"} ; /crypt\s*$/ {print "Encrypted: " $1}'

This command will show you the names of the encrypted partitions. If you do not see any partitions in the list, you are not affected. If you are affected, you can obtain a patch from the vendor of the Linux distribution you are using. If no patch is available, you need to add a parameter to your boot configuration with the following commands:

sed -i 's/GRUB_CMDLINE_LINUX_DEFAULT="/GRUB_CMDLINE_LINUX_DEFAULT="panic=5 /' /etc/default/grub
grub-install
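
The two checks described above combined into one triage script, added here as an example (it is not from the original article or from the researchers). The function names and the sample `dmsetup status` output are constructed, and the kernel parameter to look for is passed in as an argument.

```sh
#!/bin/sh
# Added example: triage for the LUKS check and the boot-parameter workaround.
# Function names are hypothetical; sample data is constructed.

# Read `dmsetup status` output on stdin and print the name of every mapping
# whose target type is "crypt". [ \t] replaces \s so the pattern also works
# on awk implementations without GNU extensions (mawk, busybox awk).
encrypted_volumes() {
    awk -F: '/[ \t]crypt[ \t]*$/ { print $1 }'
}

# Succeed if the last GRUB_CMDLINE_LINUX_DEFAULT assignment in file $1
# contains kernel parameter $2 as a whole word.
grub_default_has_param() {
    line=$(grep '^GRUB_CMDLINE_LINUX_DEFAULT=' "$1" | tail -n 1)
    value=$(printf '%s' "${line#*=}" | tr -d "\"'")
    case " $value " in
        *" $2 "*) return 0 ;;
    esac
    return 1
}

# $1 = saved `dmsetup status` output, $2 = grub defaults file, $3 = parameter.
triage() {
    vols=$(encrypted_volumes < "$1" | tr '\n' ' ')
    if [ -z "$vols" ]; then
        echo "no encrypted volumes: not affected"
    elif grub_default_has_param "$2" "$3"; then
        echo "workaround configured for: ${vols% }"
    else
        echo "patch or workaround needed for: ${vols% }"
    fi
}

# Constructed sample; the second mapping is named like a LUKS volume but is not one.
SAMPLE_STATUS='sda5_crypt: 0 976764928 crypt 
backup_crypt: 0 2097152 linear 
vg0-root: 0 41943040 linear '

printf '%s\n' "$SAMPLE_STATUS" | encrypted_volumes   # prints sda5_crypt
```

The grub defaults file only describes the next boot; the parameters of the running kernel are in /proc/cmdline.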
