Holey beep vulnerability (CVE-2018-0492)16.04.2018
New security vulnerability was discovered in linux beep command line tool. Normally it used to control PC Speaker, but recently it was found that beep can be used for local privilege escalation revealing whether any file exists bypassing permissions. Another impact is file side effects, which could be triggered without authorization.
To discover if your system is affected run this command:
curl https://holeybeep.ninja/am_i_vulnerable.sh | sudo bash
If your machine is vulnerable, you will hear beep sound.
Patch provided by holeybeep.ninja site fixes race condition bug, but exposes system to arbitrary code execution, which is potentially more serious vulnerability.
Possible solution to address this issue, is to refrain from using “beep” command at all, like in openSUSE distro, which employs simple “printf ‘\a’” instead.