In this article we will look at one very interesting vulnerability in the "domestic" (Russian-developed) Astra Linux operating system. So, let's start...
Astra Linux is a special-purpose operating system based on the Linux kernel, designed to comprehensively protect information and build secure automated systems.
The manufacturer develops a basic version of Astra Linux, the Common Edition (general purpose), and its modification, the Special Edition (special purpose):
- the general-purpose edition, the Common Edition, is intended for medium and small businesses and educational institutions;
- the special-purpose edition, the Special Edition, is designed for secure automated systems that process information classified up to and including "top secret".
The vulnerability was initially detected in the screen locker of Astra Linux Common Edition v2.12. It manifests itself when the computer is in the locked state and the screen resolution is changed at that moment. In particular, in virtual environments (VMware, Oracle VirtualBox), the entire contents of the desktop are then displayed without passing authorization.
The vulnerability was also successfully reproduced on Astra Linux Special Edition v1.5. It may also be possible to obtain information from physical machines by using multiple monitors with different resolutions.
Below is a video with a demonstration on Astra Linux Special Edition v1.5 (the station was locked, then the screen resolution was changed):

Screenshot from the video (data fragment on the desktop):

In general, we can conclude that exploitation of this flaw allows an attacker to covertly view the contents of documents (including restricted-access ones) left open on the desktop of a locked Astra Linux station, which leads to leakage of this kind of information.