Linux Systems Vulnerable to Attack

Millions of Linux systems are vulnerable to attack, due to at-risk firmware

A number of laptops have been discovered to be vulnerable to attack. The security research group Eclypsium has discovered that hardware made by Dell, HP, and Lenovo can contain unsigned firmware in Wi-Fi adapters, USB hubs, touchpads, and cameras. When a device uses unsigned firmware, it is considered unprotected.

Signed firmware is firmware that a vendor has signed with a private key. A device with signature checking enabled validates the firmware before agreeing to install it. Signed firmware can be trusted, so when a hardware vendor ships unsigned firmware, the chain of trust is broken, and malware can find its way onto those insecure pieces of hardware and do things like disable or take control of devices, steal data, and launch various types of attacks. And because these vulnerabilities are found in firmware, antivirus and antimalware solutions are of no help, regardless of operating system.
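The check described above, sketched as an added example (not code from Eclypsium or any vendor): a device-side update handler that verifies an RSA PKCS#1 v1.5 signature over the image, next to a peripheral that performs no check. The key is a constructed toy key and all function names are hypothetical.

```python
import hashlib

# Constructed toy RSA key built from two Mersenne primes; illustration only,
# not a real vendor key and unsuitable for production use.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # vendor private exponent, never on the device
K = (N.bit_length() + 7) // 8      # modulus length in bytes

# DER prefix of DigestInfo for SHA-256 (RFC 8017, section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def _encode(image: bytes) -> int:
    """EMSA-PKCS1-v1_5 encoding of SHA-256(image), as an integer."""
    t = SHA256_PREFIX + hashlib.sha256(image).digest()
    em = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")


def vendor_sign(image: bytes) -> bytes:
    """Vendor side: sign the firmware image with the private key."""
    return pow(_encode(image), D, N).to_bytes(K, "big")


def device_accepts(image: bytes, signature: bytes) -> bool:
    """Device side: install only if the signature verifies under (N, E)."""
    if len(signature) != K:
        return False  # missing or malformed signature: treat as unsigned
    s = int.from_bytes(signature, "big")
    if s >= N:
        return False
    # Rebuild the full encoded block and compare, rather than parsing padding.
    return pow(s, E, N) == _encode(image)


def unverified_device_accepts(image: bytes, signature: bytes) -> bool:
    """Peripheral with no signature check: any image is installed."""
    return True


if __name__ == "__main__":
    fw = b"constructed firmware image v1.2"  # sample data, not real firmware
    sig = vendor_sign(fw)
    print("signed image accepted:   ", device_accepts(fw, sig))
    print("modified image accepted: ", device_accepts(fw + b"\x90", sig))
    print("unsigned image accepted: ", device_accepts(fw, b""))
    print("no-check device accepts: ", unverified_device_accepts(fw + b"\x90", b""))
```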

Eclypsium has found such unsigned firmware on touchpad and TrackPoint devices in Lenovo laptops, the HP Wide Vision FHD camera on the HP Spectre x360 laptop, the Wi-Fi adapter on the Dell XPS 15 laptop, and a VLI USB hub. These particular brands (especially Lenovo and Dell) are favorites among the Linux community, so users should immediately investigate how to upgrade the affected firmware; checking firmware signatures is up to the peripheral device, not the operating system.

02/20/2020