The popular Alpine Linux distribution (distro) has been found to have a very serious security flaw dating back to late 2015. The Alpine Linux distro states that they are a lightweight and security-oriented system that has had a bug in it for the last 3 years which removed the root password requirement and left it open, inadvertently allowing hackers to access the root system of a user’s systems. It was found by researchers that the problem comes from an update that was published in 2015 that accidentally removed this requirement. Attackers are able to use the keyword “root” as the username, leave the password blank and gain access. The affected distros include versions 3.3, 3.4 3.5, 3.6, 3.7, 3.8 and version 3.9. The vulnerability has been reported to be fixed and closed as of March 8th, 2019. The official Alpine Linus distro has been downloaded over 10 million times.
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is