Ubuntu Local Authorization Bypass Bug Likely to Never Be Fixed?
NEWS

Ubuntu Local Authorization Bypass Bug Likely to Never Be Fixed?

It was just reported that a bug filed on Ubuntu Launchpad (dubbed Local authorization bypass by using suspend mode) about a month ago has been confirmed by several users. The bug allows an individual with physical access to a machine to evade the lock screen simply by removing its hard drive.




The bug could allow access to the latest user opened applications which are highly likely to contain sensitive details such as documents, all sorts of private information, passwords.

Apparently, as reported on Ubuntu Launchpad, the bug has been tested on the following:

  • Ubuntu 14.04
  • Ubuntu 16.04
  • Ubuntu 16.10
  • Ubuntu 17.04

It has been confirmed that the bug affects all of the above-mentioned versions. It is still not known whether it affects other versions of Ubuntu as well as other distros. However, experts suspect that the bug may compromise other distributions that are based on Ubuntu 16.04, like Linux Mint 18. One user has confirmed that the bug also affects Mate 18.04.

How is an attack based on this bug possible?

As explained in the bug description:

1. open some applications (LibreOffice, browsers, editors, …)
2. go to suspend mode
3. extract hard drive
4. wake up
5. after that can be several behaviors:
* Ubuntu show lock screen. Enter ANY password -> access granted.
* Ubuntu show lock screen. Enter ANY password, access denied. Fast press the hardware shutdown button -> access granted.
* Ubuntu does not show lock screen, only black screen. We can repeat actions like in previous paragraphs

Attackers may also try the password and be denied access. In case this happens, they can fast press the hardware shut down button and obtain access nonetheless. Another possible scenario is that no lock screen appears but instead the screen goes black in which case the steps described above can still be put into motion.

Marc Deslauriers, a security engineer at Canonical, believes this bug will most likely never be fixed simply because having physical access means an attacker could access the hard disk directly or replace the password on it and unlock the machine anyway.

However, an Ubuntu user has pointed out that the screensaver software could handle the issue to prevent unauthorized access. “I believe that screensaver should handle exceptions in the underlying libraries in such a way to prevent unauthorized access even if underlying library is faulty,” the user said.

Another user underlined that “the system must not give an access to the system with wrong passwords“, asking Ubuntu developers to “pay attention” and “don’t ignore the issue“.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...