Serious Linux Vulnerability Abuses LUKS to Gain Root-Level Shell in 70 Seconds

Hector Marco Gisbert

School of Computing, Engineering and Physical Sciences

Press/Media: Research

Description

Linux-based systems have been found at risk due to a vulnerability in the Linux Unified Key Setup (LUKS), hard disk encryption standard that allows attackers to gain root-level access simply by holding down the Enter key for 70 seconds during boot time.

The vulnerability was first reported by Hector Marco Gisbert, a computer science lecturer at the University of the West of Scotland, and it seems to be affecting Linux distributions including Debian, Ubuntu, Fedora, Red Hat Enterpise Linux (RHEL), and SUSE Linux Enterprise Server (SLES).

Period	16 Nov 2016

Media contributions

Title	Bitdefender
Degree of recognition	International
Media type	Web
Country/Territory	United States
Date	16/11/16
URL	https://hotforsecurity.bitdefender.com/blog/serious-linux-vulnerability-abuses-luks-to-gain-root-level-shell-in-70-seconds-17157.html
Persons	Hector Marco Gisbert

View all 1

View less

Keywords

Security
Linux