Massive security bug found in apt on Debian, Ubuntu, and derivatives

The apt package installer carried a huge security bug, but don't worry, it's now patched.

Everyone was surprised to learn that apt had a serious bug. It was discovered by security researcher Max Justicz, who found a vulnerability in apt that allows a network man-in-the-middle (or a malicious package mirror) to execute arbitrary code as root on a machine installing any package.

Apt is one of Linux's core package installation tools. It was a relief to learn that the bug had been fixed before it became a threat. It also raises the question of whether HTTPS has improved apt's security or not.

According to Yves-Alexis of the Debian security team, Ubuntu and Debian were under threat because they rely on HTTP repositories. Attackers could use the HTTP connection to inject malicious content, compromising the repository's security. Once injected, the malicious content would be recognized as valid, and apt would then execute that code on the targeted machine.

The fix could break a few proxies, especially where one is used in front of security.debian.org; in that case the only available remedy is to switch the APT source. Updating the system promptly was therefore one of the ways to deal with the bug. The Advanced Package Tool, apt, has so far worked well, but researcher Max Justicz discovered that it was easier than expected to dig a hole in the program: it gives a remote attacker a chance to introduce and execute arbitrary code as root through a package, which would result in attacks.

Apt refers to the packages or package database that must be installed for programs to run; apt also lets one install, upgrade, and remove packages. Unfortunately, apt will install or update a package without checking whether anything is wrong with the package's requested Uniform Resource Identifier (URI). It only focuses on the PGP-protected hashes returned for the URI. This means it is possible to make malware look legitimate and have it executed. Apt follows redirect URLs and does not check them for newlines.

This loophole allows MiTM attackers to inject content into the results returned: the redirect URL gets embedded into the response file, and when that happens apt validates the download against the fake hashes, which allows the malicious package to be executed.
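To make the mechanism concrete, here is an added Python example (not apt's code and not taken from Justicz's write-up) that models a line-oriented "Key: Value" message channel like the one apt's transport methods use, and shows the check a safe implementation applies to a redirect target before embedding it in such a message: reject control characters and anything that is not an absolute http(s) URL. The message format, field names and sample URLs are constructed for illustration.

```python
"""Model of why an unsanitised redirect target is dangerous to a
line-oriented protocol, and the validation that closes the hole.

Added example, not apt's own code: apt's transport methods report to
the main process with RFC822-style "Key: Value" messages separated by
blank lines, which this toy version imitates. Field names, message
layout and sample values are constructed for illustration.
"""
from __future__ import annotations

from urllib.parse import urlsplit


class UnsafeRedirect(ValueError):
    """Raised when a Location value cannot be used as a redirect target."""


def parse_method_message(text: str) -> dict[str, str]:
    """Parse one 'Key: Value' message the way a line-based reader would."""
    fields: dict[str, str] = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        key, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"malformed line: {line!r}")
        fields[key.strip()] = value.strip()
    return fields


def build_done_message(uri: str, sha256: str) -> str:
    """Report a finished download. Constructed layout, not apt's real one."""
    return f"URI: {uri}\nSHA256-Hash: {sha256}\n\n"


def validate_redirect_target(location: str) -> str:
    """Accept a redirect Location only if it is a clean absolute http(s) URL.

    CR, LF and other control characters are rejected before the value is
    ever embedded in a message, so a redirect cannot smuggle extra fields.
    """
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in location):
        raise UnsafeRedirect("control character in redirect target")
    parts = urlsplit(location)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise UnsafeRedirect(f"not an absolute http(s) URL: {location!r}")
    return location


def is_safe_redirect(location: str) -> bool:
    """Boolean form of validate_redirect_target for callers and tests."""
    try:
        validate_redirect_target(location)
        return True
    except UnsafeRedirect:
        return False


# Constructed sample values (hypothetical mirror, placeholder hash).
GOOD_LOCATION = "http://mirror.example.org/pool/main/h/hello/hello_2.10.deb"
BAD_LOCATION = "http://mirror.example.org/x.deb\nInjected-Field: yes"
REAL_HASH = "b" * 64


def fields_after_redirect(location: str) -> dict[str, str]:
    """Embed a redirect target in a done-message and parse it back.

    Shows what skipping validation costs: a newline inside the value
    splits one field into two, and the reader sees a field the sender
    never meant to emit.
    """
    return parse_method_message(build_done_message(location, REAL_HASH))


def fields_after_validated_redirect(location: str) -> dict[str, str]:
    """Same path, but the target is validated first (raises on bad input)."""
    return fields_after_redirect(validate_redirect_target(location))


if __name__ == "__main__":
    print(fields_after_redirect(GOOD_LOCATION))
    print(fields_after_redirect(BAD_LOCATION))   # shows the smuggled field
    print(is_safe_redirect(BAD_LOCATION))        # False
```

The design point is where the check sits: the value must be rejected before it is serialised into the message, because once it is on the wire the reader has no way to tell an injected line from a legitimate one.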

Justicz demonstrated that it was easy to get the malicious file onto the targeted system. It could be done using a Release.gpg file, which apt pulls down when it updates. Justicz also provided a video demonstration on his blog; the link is located at the bottom of the article.

According to Justicz, APT attacks are not a one-day event: the intruder infiltrates the system and embeds themselves in it to gather as much information as necessary, aiming to infiltrate the entire network. To get into the system, they may use SQL injection, remote file inclusion (RFI) and XSS (cross-site scripting).

As mentioned before, this bug has already been fixed; thanks to the apt maintainers for patching this vulnerability quickly, and to the Debian security team for coordinating the disclosure. You should therefore be fine if you have already updated your system. If for some reason you were not able to update, you can still protect yourself by disabling HTTP redirects while you update. To do that, run the following commands in the Terminal:

sudo apt update -o Acquire::http::AllowRedirect=false
sudo apt upgrade -o Acquire::http::AllowRedirect=false
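To find out whether a machine is exposed to this class of problem in the first place, the added Python example below (not part of the article and not apt's own tooling) parses the classic one-line /etc/apt/sources.list format and reports which entries fetch over plain http://. It handles only the one-line format; the newer deb822-style .sources files are out of scope, and the sample file contents are constructed.

```python
"""Audit apt one-line sources for repositories fetched over plain HTTP.

Added example, not from the article or from apt. It parses the classic
one-line sources.list syntax ("deb [options] uri suite components...")
and flags entries whose transport is http://. Sample contents are
constructed; the mirror host is a placeholder.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Constructed sample, modelled on a typical Ubuntu/Debian sources.list.
SAMPLE_SOURCES = """\
# Main archive over plain HTTP (the default on many installs)
deb http://archive.ubuntu.com/ubuntu focal main restricted
deb-src http://archive.ubuntu.com/ubuntu focal main restricted

# Security updates, also HTTP
deb http://security.ubuntu.com/ubuntu focal-security main restricted

# A mirror that already uses TLS, with an options block
deb [arch=amd64 signed-by=/usr/share/keyrings/example.gpg] https://mirror.example.org/ubuntu focal main

# Local file: and cdrom: entries are not network transports
deb file:/srv/local-repo ./
"""


@dataclass
class SourceEntry:
    kind: str            # "deb" or "deb-src"
    options: str         # contents of the [...] block, or ""
    uri: str
    suite: str
    components: list[str]

    @property
    def scheme(self) -> str:
        """Transport scheme of the URI (http, https, file, cdrom, ...)."""
        return self.uri.split(":", 1)[0].lower()


_LINE_RE = re.compile(
    r"^(?P<kind>deb(?:-src)?)\s+"
    r"(?:\[(?P<options>[^\]]*)\]\s+)?"
    r"(?P<uri>\S+)\s+"
    r"(?P<suite>\S+)"
    r"(?P<components>(?:\s+\S+)*)\s*$"
)


def parse_sources(text: str) -> list[SourceEntry]:
    """Parse one-line-style sources; comments and blank lines are skipped."""
    entries: list[SourceEntry] = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = _LINE_RE.match(line)
        if not m:
            raise ValueError(f"unparsable sources line: {raw!r}")
        entries.append(SourceEntry(
            kind=m["kind"],
            options=m["options"] or "",
            uri=m["uri"],
            suite=m["suite"],
            components=m["components"].split(),
        ))
    return entries


def plain_http_entries(entries: list[SourceEntry]) -> list[SourceEntry]:
    """Entries whose downloads (and any redirects) travel over plain HTTP."""
    return [e for e in entries if e.scheme == "http"]


def audit(text: str) -> dict[str, int]:
    """Summary counts: total entries and how many use http://."""
    entries = parse_sources(text)
    return {"total": len(entries), "http": len(plain_http_entries(entries))}


if __name__ == "__main__":
    # On a real system, read /etc/apt/sources.list instead of the sample.
    for entry in plain_http_entries(parse_sources(SAMPLE_SOURCES)):
        print(f"plain HTTP: {entry.kind} {entry.uri} {entry.suite}")
    print(audit(SAMPLE_SOURCES))
```

On a real host you would point `parse_sources` at the contents of /etc/apt/sources.list and each file under /etc/apt/sources.list.d/ that uses the one-line format; the report tells you which repositories the AllowRedirect workaround above actually affects.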
Divya Kiran Kumar
I'm the Editor of FOSS Linux. I worked as a Software Engineer before taking up blogging as my full-time job. I enjoy using Linux, and can't imagine anything else for my PC. Apart from writing for FOSS Linux, I enjoy reading non-fictional books. Sapiens was my favorite last read. I hope you enjoy reading and using this blog to enhance your Linux experience! Have a great day ahead!
