ZiPZAP Computers Limited

Linux => Linux => Topic started by: norman on January 07, 2016, 02:38:53 pm

Title: Bug in Grub2 which compromises security on Login
Post by: norman on January 07, 2016, 02:38:53 pm
The Grub2 bootloader from versions 1.98 to 2.02 has a bug which allows access to the system without a proper login.

At the login prompt simply press the backspace key 28 times and it allows access. Something to do with buffer overflow.

The fault has existed from December 2009 to December 2015 and is in the bootloader only. It can only occur if keyed in directly.

Norman
 ;)