Hello, welcome to the Wednesday, November 16th, 2016 edition of the Sandton and Storm Center's

Stormcast. My name is Johannes Ulrich, and I'm recording from Jacksonville, Florida.

An interesting vulnerability has been found in the Linux Unified Key Setup or Lux. If you ever used

Linux with encrypted disks, you may have run into

this particular system. It essentially allows you to encrypt partitions on Linux.

Now the problem here is that you still boot off an unencrypted partition.

And due to this vulnerability vulnerability if you just keep the

energy pressed for about one to two minutes then you end up with a busy box

shell that will give you full access to the system now full access I have to

qualify this a little bit it It does not allow you to

access any of the encrypted drives, but it does allow you to manipulate the boot sector, which

of course then could be used to leverage additional attacks against the system. Now, this is really

no different than an attacker booting the system off an alternate

boot media like a USB drive or a CD-ROM disk.

So this is really a problem for users that count on, for example, disabling all of these

alternative boot media in order to protect a system

where they're afraid that an attacker has physical access to the system. And after all,

encrypting partitions is usually done just because you are afraid of someone gaining physical access

to the system. There's a quick workaround for this.

All you have to do is add panic equals five to your crop boot parameters.

There are patches in the work for all the major distributions.

They may already hit by the time you're listening to this podcast.

...