Fork me on GitHub

Holey Beep (CVE-2018-0492) is the latest breakthrough in the field of acoustic cyber security research.



What is Holey Beep?

Holey Beep is the latest breakthrough in the field of acoustic cyber security research.

What is beep?

beep does what you'd expect: it beeps. But unlike printf "\a" beep allows you to control pitch, duration, and repetitions. Its job is to live inside shell/perl scripts and allow more granularity than one has otherwise. It is controlled completely through command line options. It's not supposed to be complex, and it isn't - but it makes system monitoring (or whatever else it gets hacked into) much more informative. Also it gives you root.

Am I vulnerable?

Most likely! If you have beep installed as setuid and it was compiled with a certain compiler version and options and your machine is compromised, your network is at risk.

Please run this command to find out: curl | sudo bash
If your computer is vulnerable it will beep.

Is this vulnerability serious?

Holey Beep is just a simple privilege escalation bug. However, it can be used in an exploit chain to trigger more serious issues.

Were there any signs of exploitation in the wild?

We found this YouTube video that outlines the exploitation steps.

How many people are affected?

Millions! Everyone, almost.
According to the Debian popularity contest, beep is installed on 1.86% of all machines. Extrapolating that by the earth population, we estimate roughly 130 million affected users.

Why didn't you choose the name Dirty Beephole?

We don't know. The world would be a better place.

How do I use this document?

This FAQ provides answers to some of the most frequently asked questions regarding the Holey Beep vulnerability. This is a living document and will be updated regularly at

How can I detect exploitation?

Did you computer beep in unexpected situations? We recommend to install microphones to detect malicious activity.

Can my antivirus detect or block this attack?

Although the attack can happen in different layers, antivirus signatures that detect Holey Beep could be developed. Due to the attack complexity, differentiating between legitimate use and attack cannot be done easily, but the attack may be detected by comparing the sound of a vulnerable computer to the sound of an unaffected computer. Listen carefully. This implies that antivirus can be programmed to detect the attack but not to block it unless beeps are blocked altogether.

Is this an OpenSSL bug?


Do I need to update my browser?

Yes, please keep your browser up to date with the latest security fixes.

How can beep be fixed?

Apply this patch as soon as possible using the following command: patch -p1 < beep.diff. A short beep should be heard if all hunks are applied successfully.

How do I uninstall Linux?

Please follow instructions.

Who found the Holey Beep vulnerability?

An anonymous cyber security researcher.

I want to brand my next vulnerability. Can you make a logo for me?

Great idea! Please contact our sales department.

What's the right social media hashtag?

#holeybeep or #CVE-2018-0492 it is. What do you prefer?

Is this vuln really serious enough to deserve a name, a logo and a web page?

We discussed this in our team and unanimously agreed to create a name and logo right away.

What can be done to prevent this from happening in future?

The security community, we included, must learn to find these inevitable human mistakes sooner. Please support the development effort of software you trust your privacy to. Donate money to the FreeBSD project.

Is there a bright side to all this?

For those service providers who are affected, this is a good opportunity to upgrade security strength of the systems used. A lot of software gets updates which otherwise would have not been urgent. Although this is painful for the security community, we can rest assured that infrastructure of the cyber criminals and their secrets have been exposed as well.