Grub 2 vulnerability allows security to be skipped

From the Universitat Politècnica de València (UPV) a serious security problem has been discovered in the GRUB 2 boot loader, with which anyone with physical access can access the system with complete freedom.

The bug in question allows you to skip the GRUB 2 user and password authentication in a very simple way, just press the back key 28 times and the "Grub Rescue Shell" will start from which you can have free access to the system without the need to know the password and steal / destroy the data or whatever pleases the criminal in question.

The versions of GRUB 2 affected by the problem range from 1.98, released in 2009, to 2.0.2, which was recently released, meaning that a large number of distributions may be affected if their developers have not patched the problem, something that apparently they have done most.

Even if a distribution is affected by the problem, keep in mind that to be able to exploit it, password access must be enabled in the boot loader, something common in organizations but not at the domestic level and, most importantly, you must have physical access to the system.

If you want more information you can check the details here.