The Inquirer-Home

Linux bug leaves thousands of users vulnerable to attack

Though it seems that it is yet to be exploited
Wed Mar 05 2014, 17:25
security risk management

THOUSANDS OF LINUX USERS might be vulnerable to hackers after it emerged that a significant certificate checking bug exists in a low level library.

The problem stems from the GnuTLS library that provides an API to enable SSL, TLS and DTLS encryption protocols, as used particularly by web servers.

However a problem has emerged making it easy for hackers to bypass the encryption, leaving systems exposed and therefore endangering anyone visiting a website that uses GnuTLS, thus leaving website visitors potentially vulnerable to hacking attacks, including keylogging malware that can be used to steal customer credentials.

The problem was discovered by Nikos Mavrogiannopoulos of the Red Hat Security Technologies Team, however it potentially might affect any Linux distribution that uses the GnuTLS library. Red Hat has already issued a patch, which is available through its network.

A bulletin issued by the company explains, "It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification.

"An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker."

The bug is similar to the so called "go to fail" problem that affected iOS and OSx machines last year.

At present the scale of the danger is still being assessed, however it has been suggested that anyone running a Linux based system or website should patch their system as a matter of urgency. Details are available at the GnuTLS website. µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

INQ Poll

Internet of Things at Christmas poll

Which smart device are you hoping Santa brings?