Backspace Flaw Enables Linux Zero-Day Attack


Researchers last week revealed a zero-day flaw that lets attackers take over a Linux system by pressing the backspace key repeatedly.

Pressing backspace 17 to 20 times will overwrite the highest byte of the return address of the grub_memset() function, ultimately causing a reboot by redirecting control flow to address 0x00eb53e8, according to the Cybersecurity Group at the Universitat Politecnica de Valencia.

The flaw is in Grub v1.98 and later. Grub is the bootloader used by most Linux systems, including some embedded systems.