Screen Lock Vulnerability in Astra Linux Special Edition (Smolensk)

    In this article, we will look at one very interesting vulnerability in the "domestic" Astra Linux operating system, and so, let's begin ...


    Astra Linux is a special-purpose operating system based on the Linux kernel, designed to comprehensively protect information and build secure automated systems.

    The manufacturer is developing the basic version of Astra Linux - the Common Edition (general purpose) and its modification of the Special Edition (special purpose):

    1. general purpose publication - Common Edition - is intended for medium and small businesses, educational institutions;
    2. Special Edition - Special Edition - is intended for automated systems in a secure execution, processing information with a degree of secrecy "top secret" inclusive.

    Initially, a vulnerability in the screen blocker was discovered on the Astra Linux Common Edition v2.12 operating system, it appears at the moment when the computer is in a locked state and if at this stage the screen resolution is changed. In particular, in virtual environments (VMWare, Oracle Virtualbox), there is a complete display of the contents of the desktop without going through authorization.

    The vulnerability was also successfully released on Astra Linux Special Edition v1.5. Perhaps there is an option to receive information from physical machines, using multiple monitors with different resolutions.

    Below is a video demonstration on Astra Linux Special Edition v1.5 (a station was locked, a station window extension was changed):


    Screenshot from the video (fragment of data on the desktop):


    In general, we can conclude that the operation of this gap will allow you to secretly familiarize yourself with the contents of documents (including limited access) that are open on the desktop of a locked station with Astra Linux, which will lead to a leak this kind of information.

    Also popular now: