Linux bug leaves thousands of users vulnerable to attack
Though it seems that it is yet to be exploited
THOUSANDS OF LINUX USERS might be vulnerable to hackers after it emerged that a significant certificate-checking bug exists in a low-level library.
The problem stems from the GnuTLS library, which provides an API to enable the SSL, TLS and DTLS encryption protocols, as used particularly by web servers.
However, a problem has emerged that makes it easy for hackers to bypass the encryption, leaving anyone who visits a website that uses GnuTLS potentially vulnerable to hacking attacks, including keylogging malware that can be used to steal customer credentials.
The problem was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team, but it could affect any Linux distribution that uses the GnuTLS library. Red Hat has already issued a patch, which is available through its network.
A bulletin issued by the company explains, "It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification.
"An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker."
The bug is similar to the so-called "goto fail" problem that affected iOS and OS X machines last year.
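The failure mode the bulletin describes, an error during verification being reported as success, can be shown with a small added illustration that is not GnuTLS's code and not part of the original article. It assumes a hypothetical helper that returns 1, 0 or a negative error code; every name and sample certificate below is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical toy certificate; not GnuTLS's data structures or API. */
struct toy_cert {
    const char *subject;
    const char *issuer;   /* NULL models a field that could not be decoded */
};

#define TOY_ERR_DECODE (-1)   /* assumed error code for this example */

/* Constructed sample data. */
const struct toy_cert toy_ca        = { "Example Root CA", "Example Root CA" };
const struct toy_cert toy_good      = { "www.example.test", "Example Root CA" };
const struct toy_cert toy_other     = { "www.example.test", "Some Other CA" };
const struct toy_cert toy_malformed = { "www.example.test", NULL };

/* Returns 1 if ca issued cert, 0 if it did not, negative on internal error. */
int toy_issued_by(const struct toy_cert *cert, const struct toy_cert *ca)
{
    if (cert->issuer == NULL || ca->subject == NULL)
        return TOY_ERR_DECODE;
    return strcmp(cert->issuer, ca->subject) == 0;
}

/* Flawed caller: any nonzero value, including the error code, counts as true. */
int verify_flawed(const struct toy_cert *cert, const struct toy_cert *ca)
{
    if (toy_issued_by(cert, ca))
        return 1;               /* reported as verified */
    return 0;
}

/* Hardened caller: only the explicit success value passes; errors fail closed. */
int verify_hardened(const struct toy_cert *cert, const struct toy_cert *ca)
{
    return toy_issued_by(cert, ca) == 1;
}

int main(void)
{
    printf("malformed: flawed=%d hardened=%d\n",
           verify_flawed(&toy_malformed, &toy_ca),
           verify_hardened(&toy_malformed, &toy_ca));
    printf("good:      flawed=%d hardened=%d\n",
           verify_flawed(&toy_good, &toy_ca),
           verify_hardened(&toy_good, &toy_ca));
    return 0;
}
```

The two callers agree on well-formed input and differ only when the helper reports an error, which is why tests that cover only valid and plainly invalid certificates do not catch this kind of defect.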
At present the scale of the danger is still being assessed, but it has been suggested that anyone running a Linux-based system or website should patch their system as a matter of urgency. Details are available at the GnuTLS website. µ