Security researchers have discovered a critical vulnerability by name Grinch Bug, which can be exploited by malicious hackers to acquire unauthorized root access to Linux-based computing systems.
The vulnerability concerns the system authentication (authorization system) of Linux and allows privilege escalation through the wheel (Unix terminology).
The new bug leaves Linux system administrators awake a few days after it poodle – another fatality error of 2014 – came back into the limelight. The Grinch vulnerability affects all distributions of the Linux operating system and according to researchers by Alert Logic, which disclosed the bug last Tuesday, potentially gives root access to any attacker without the use of passwords or special encryption keys.
A hacker could exploit the vulnerability either by converting registered user accounts to a wheel or by using the Policy Kit (Polkit), a graphical User Interface used by ordinary users to perform tasks that require administrator privileges .