Linux users tend to work peacefully, thinking that everything is very secure. Not all of us, but it's a widespread feeling. It's a fact that there aren't as many viruses or bugs as there are in Windows, but it's also true that perfect software doesn't exist. In part, the fact that there aren't as many bugs is because we aren't a prime target for cybercriminals. A new vulnerability has recently been revealed. security flaw in Linux.
It was ERNW who has made it public. Their report shows that there is a critical security flaw in Linux distributions that may allow a malicious attacker full access to the system, even on devices with full disk encryption. The vulnerability is present in current distributions, such as Ubuntu 25.04 y Fedora 42, available from the first quarter of 2025. Others, such as OpenSUSE Tumbleweed, are not affected.
Critical security flaw in Linux
As almost always, so that an attacker can do his thing you would need to have physical access to the deviceOnce they have the device in their hands, they could access a debugging shell by entering the wrong decryption password several times in a row. In Ubuntu, it's even possible to press the ESC key, which will open the debugging shell.
The attacker can access everything in the system through this shell. For example, they can mount a USB device with tools to modify the initramfs without enabling security flags because the initramfs is unsigned. After this, when the device's owner logs in and enters the password, the code executes with privileges, allowing them to steal data, gain remote access, and do whatever they want.
Although it's a potentially disturbing flaw, we can rest easy as long as a few requirements aren't met. First, someone else must have access to our computer. Furthermore, the attacker would need a USB drive equipped with the tools and scripts needed to modify initframes, which isn't within everyone's reach.
Still, security patches are expected to be released soon to protect us from these threats.