A few days after leakage of Red Star OS of North Korea to the West, in the form of an ISO, security researchers have begun to expose its vulnerabilities points.
According this publication in Seclists, the udev rules in version 3.0 of the USA and the rc.sysint script in version 2.0 is so world writable. Both have root privilege.
Due to Red Star 3.0's file permissions management, device manager rules for printers HP LaserJet (1000 series), (/etc/udev/rules.d/85-hplj10xx.rules), can be modified to RUN+= arguments. These commands can be run in the udev daemon as root. Exists a presentation at GitHub.
Udev's main job is to monitor / dev (devices) directory, and when the device is connected to a USB port, it loads the appropriate rule set.
By registering to the rc.sysint file in the older one Red Star OS 2.0, an attacker can execute commands as root (demonstration).
Both vulnerabilities provide privilege escalation for local users.
Download it redstar_desktop3.0_sign.iso
