Ubuntu Launchpad bug allows user with physical access bypass the lock screen

In mid-June, the Ubuntu Launchpad exposed with a security bug; any user can bypass the lock screen by just removing the hard drive. This vulnerability confirms the impact of Ubuntu 16.04.4 but does not prove whether other Ubuntu versions are affected. The entire attack process is basically as follows: After the user boots into Linux, the program and files are opened, and then the machine is suspended and enters the low-power mode, and the device state is written to the memory.

Once the attacker removes the hard disk and wakes up the system at this time, although it will transfer to the lock screen interface, the user can enter any password to access. Although access denials sometimes occur, you can gain access by merely pressing the physical power key, and if you don’t jump out of the lock screen but a black screen, you can try the previous steps to re-enter.

Marc Deslauriers, a security engineer at Canonical, said:

“We’re unlikely to fix this, since having physical access means an attacker could simply access the hard disk directly or replace the password on it and unlock the computer.”

Also, users have revealed that screensaver software can solve this problem:

“I believe that screensaver should handle exceptions in the underlying libraries in such a way to prevent unauthorized access even if underlying library is faulty.”

Source: Neowin