Serious Linux Vulnerability Abuses LUKS to Gain Root-Level Shell in 70 Seconds

Press/Media: Research

Description

Linux-based systems have been found at risk due to a vulnerability in the Linux Unified Key Setup (LUKS), hard disk encryption standard that allows attackers to gain root-level access simply by holding down the Enter key for 70 seconds during boot time.

The vulnerability was first reported by Hector Marco Gisbert, a computer science lecturer at the University of the West of Scotland, and it seems to be affecting Linux distributions including Debian, Ubuntu, Fedora, Red Hat Enterpise Linux (RHEL), and SUSE Linux Enterprise Server (SLES).

 

Period16 Nov 2016

Media contributions

1

Media contributions

Keywords

  • Security
  • Linux