
Linux devs racing to patch critical security flaw that could allow bootkit installation



A major vulnerability has been discovered in almost all Linux variants that could allow threat actors to run malware at the firmware level.

The vulnerability is tracked as CVE-2023-40547 and is described as a buffer overflow weakness. It resides in shim, a component that runs in the firmware environment before the operating system boots.

These are the findings of security researcher Matthew Garrett, who is also one of the original shim authors, Ars Technica reports.

Patch waterfall

As per the research, shim is found in basically all Linux distros and is a pivotal element of secure boot, a protection mechanism present on most computers these days. Secure boot makes sure that every step of the boot process comes from a trusted supplier. By abusing the buffer overflow weakness, an attacker would be able to bypass this mechanism and run malicious code before UEFI loads the operating system.

The silver lining here is that the threat actors would first need to obtain access to the target device in some other manner (via physical access or other malware).

“An attacker would need to be able to coerce a system into booting from HTTP if it's not already doing so, and either be in a position to run the HTTP server in question or MITM traffic to it,” Garrett said. “An attacker (physically present or who has already compromised root on the system) could use this to subvert secure boot (add a new boot entry to a server they control, compromise shim, execute arbitrary code).”

Another silver lining is that any bootkit malware abusing this flaw wouldn’t survive a full hard drive wipe.

Given the decentralized nature of Linux distributions, patching is not that simple. Right now, the developers working on shim have released the patch to shim maintainers, who have now added it into their respective versions. These have now made it to Linux distributors, who need to push them further, onto end users.
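To make the bug class concrete, here is an added illustration of the kind of defect the article describes: an HTTP-boot client that copies a response body into a fixed firmware buffer using a length the remote server declares. This is constructed example code, not shim's own source, and the handler names, buffer size and sample responses are assumptions; the point it shows is that a length taken from an untrusted HTTP response must be checked against both the buffer size and the bytes actually received before any copy happens.

```c
/* Constructed illustration of the buffer-overflow class in an HTTP-boot
 * loader (not shim's actual code). A response header declares
 * Content-Length; a malicious or MITM'd server fully controls that value,
 * so it is untrusted input. The checked and unchecked handlers differ only
 * in the bounds validation. All names, sizes and sample data are invented. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define IMAGE_BUF_SIZE 64   /* stand-in for the fixed buffer a loader reserves */

struct loader {
    unsigned char image[IMAGE_BUF_SIZE];
    size_t image_len;
};

/* Parse "Content-Length: N" out of a header block; returns -1 when absent
 * or malformed (non-numeric or negative). */
long parse_content_length(const char *headers)
{
    const char *p = strstr(headers, "Content-Length:");
    if (!p) return -1;
    p += strlen("Content-Length:");
    char *end;
    long v = strtol(p, &end, 10);
    if (end == p || v < 0) return -1;
    return v;
}

/* Hardened handler: the declared length must fit the destination buffer AND
 * must not exceed the bytes actually received. Returns 0 on success, -1 when
 * the response is rejected. Nothing is copied on rejection. */
int handle_response_checked(struct loader *ld, const char *headers,
                            const unsigned char *body, size_t body_len)
{
    long declared = parse_content_length(headers);
    if (declared < 0) return -1;
    if ((size_t)declared > IMAGE_BUF_SIZE) return -1;   /* would overflow image[] */
    if ((size_t)declared > body_len) return -1;         /* would over-read body */
    memcpy(ld->image, body, (size_t)declared);
    ld->image_len = (size_t)declared;
    return 0;
}

/* Unchecked variant for contrast. Instead of performing the out-of-bounds
 * write, it reports how many bytes the blind memcpy would have placed past
 * the end of image[], so it is safe to call while still exposing the defect. */
size_t handle_response_unchecked_overrun(const char *headers, size_t body_len)
{
    long declared = parse_content_length(headers);
    if (declared < 0) return 0;
    size_t n = (size_t)declared;    /* trusted blindly: this is the bug */
    (void)body_len;                 /* never compared against the declared size */
    return n > IMAGE_BUF_SIZE ? n - IMAGE_BUF_SIZE : 0;
}

/* Runs the checked handler over two constructed responses: a benign one whose
 * declared length matches a 32-byte body, and a hostile one declaring 4096
 * bytes for the same body. Returns 1 when the benign response is accepted
 * and the hostile one rejected, 0 otherwise. */
int demo_checked_handler(void)
{
    struct loader ld;
    unsigned char body[32];
    memset(body, 0xAA, sizeof body);            /* constructed image payload */
    const char *benign  = "HTTP/1.1 200 OK\r\nContent-Length: 32\r\n\r\n";
    const char *hostile = "HTTP/1.1 200 OK\r\nContent-Length: 4096\r\n\r\n";

    if (handle_response_checked(&ld, benign, body, sizeof body) != 0) return 0;
    if (ld.image_len != 32) return 0;
    if (handle_response_checked(&ld, hostile, body, sizeof body) != -1) return 0;
    return 1;
}

int main(void)
{
    const char *hostile = "HTTP/1.1 200 OK\r\nContent-Length: 4096\r\n\r\n";
    printf("checked handler behaves correctly: %s\n",
           demo_checked_handler() ? "yes" : "no");
    printf("unchecked handler would overrun by %zu bytes\n",
           handle_response_unchecked_overrun(hostile, 32));
    return 0;
}
```

The two checks in `handle_response_checked` are the whole mitigation: the first stops a server-supplied length from driving a write past the fixed buffer, the second stops the loader from reading beyond the data it actually holds when the declared length and the received body disagree.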
