A zero-day exploit lets you run any type of code on Ubuntu and Fedora

For a long time Linux users have thought we had some advantage over those of Windows or OS X. The fact of being able to handle a computer without having to worry too much about the malware gave us a certain security cushion, something of the Which we have boasted a lot.

Today someone burned that mattress while we slept in it. As reported in BetaNews Ubuntu and Fedora are vulnerable to zero-day exploits. Through these vulnerabilities an attacker can execute any type of code on a target computer with potentially devastating consequences.

Security researcher Chris Evans has published details of an exploit that can compromise Linux systems . All you need to do is use a malicious audio file, through which you can hijack a PC.

A zero-day that puts the community on alert

In the web of Chris Evans we read the following :

I present here a complete, functional and reliable exploit for current Linux distributions (Ubuntu 16.04 LTS and Fedora 25). In the case of Fedora works as a malicious download. It takes advantage of subtle cascading side effects that priori seem difficult to exploit but that ends up presenting beautiful 100% reliable exploitation possibilities.

The exploit takes advantage of a vulnerability in the Game Music Emu library used in old console emulators, through which an attacker is allowed to run any type of code on the computer with potentially devastating consequences.

The execution of code would be done through a specially designed audio file, which would suffice to rename with extension *.flac or *.mp3to deceive the user. Evans has posted videos showing an example attack on Fedora 25 using Google Chrome, which shows how one of these files can open and control the calculator, for example:

He has also posted a video of the exploit running on Ubuntu

Evans says that the problem lies in a lack of sandboxing, that is, of having prepared a safe environment in which to run the programs so that the rest of the system is not compromised. It also says that it is likely to work on other distributions.

Leave a Reply

Your email address will not be published. Required fields are marked *