Two researchers from the University of Valencia found that if you press the key backspace 28 times, it is possible to bypass the check ID cards at startup on some Linux machines.
The problem is not the kernel, nor the operating system itself, but rather the very popular Grub2 bootloader, which is used to start several Linux distributions.
Essentially, if you enable Grub2 password protection when you start the system, it makes no sense, as it can be easily overridden.
Hector Marco and Ismael Ripoll report on their publication, that by pressing the 28 backspace key in the Grub user name box at startup, a "rescue shell" from the Grub2 1.98 (December 2009) to 2.02 (December, 2015) version is created.
The "rescue shell" allows unauthenticated access to a machine and the ability to load another environment on your system. Once your preferred environment is in mode, you can install a rootkit, browse local storage media, and launch many different forms of attack.
The source of the error is an integer underflow that the researchers managed to exploit (b391bdb2f2c5ccf29da66cecdbfb7566656a704d) and affects the function of grub_password_get ().
The researchers prepared one PoC and found that 55 security tools (antivirus) were unable to detect it contamination.
The good news is that researchers have developed a protection solution that can be found at the following link:
http://hmarco.org/bugs/patches/0001-Fix-CVE-2015-8370-Grub2-user-pass-vulnerability.patch
