Cybersecurity researchers claim to have found a “critical” security vulnerability affecting Linux able to give attackers full system access — even if on device using full disk encryption. The vector has been demonstrated against Ubuntu 25.04 and Fedora 42 as well as other Linux distributions, according to a report published by ERNW. It does not affect OpenSUSE Tumbleweed, however. Attackers with physical access to a device can access a low-level debug shell by entering the wrong decryption password several times in a row. On Ubuntu, they can then hit esc at the password prompt, punch in a few key combos, […]You're reading Ubuntu Security Flaw Lets Attackers Bypass Full Disk Encryption, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.