Zero-Day GRUB2 Vulnerability Hits Linux Users, Patch Available for Ubuntu, RHEL

Posted by hanuca on Dec 16, 2015 8:31 AM EDT
Softpedia; By Marius Nestor
Mail this story
Print this story

Accoding to Canonical'a latest Ubuntu Security Notice, it would appear that there's a zero-day security vulnerability in the GRUB2 (GNU GRand Unified Bootloader) packages, affecting all GNU/Linux distributions running 2.02 Beta.

The security flaw was discovered by developers Ismael Ripoll and Hector Marco in the upstream GRUB2 packages, which did not correctly handled the backspace key when the bootloader was configured to use password protected authentication, thus allowing a local attacker to bypass GRUB's password protection.

Full Story

  Nav
» Read more about: Story Type: News Story

« Return to the newswire homepage

Subject Topic Starter Replies Views Last Post
Well, some Linux users. jdixon 4 1,618 Dec 19, 2015 4:22 AM

You cannot post until you login.