Mitigating BootHole – ‘There’s a hole in the boot’ – CVE-2020-10713 and related vulnerabilities
In this blog post, we will explain more about the vulnerabilities and a behind-the-scenes look about how they were fixed in a coordinated manner across the entire open source ecosystem. To discover the in-depth details of the CVEs and the updated packages which fix the associated vulnerabilities, please visit our Ubuntu Security Knowledge Base article.
To understand the scope of this vulnerability we have to examine the boot process from Secure Boot to Grub. UEFI Secure Boot is designed to ensure that only trusted code is loaded during the boot process. As such, these vulnerabilities could have potentially allowed an attacker to compromise the boot process of the machine, and subvert it for malicious purposes. GRUB2 is used as the bootloader for Ubuntu and many other Linux distributions on both installed systems and installation media. In addition, these vulnerabilities have been present in GRUB2 for quite a long time. In other words, there are a large number of Linux releases and installed instances that could be vulnerable. A high profile vulnerability with such a widespread presence presents a significant challenge to protecting systems and users. For example, how to ensure that security updates can be delivered in a timely manner to both patch the vulnerability on as many existing systems as possible, but to also ensure that any old, vulnerable Linux install media cannot be used in the future to attack existing systems. This requires a coordinated approach across the community of Linux distributions, and also the wider UEFI community including Microsoft and others.
Also: New Security Hole Puts Windows and Linux Users at Risk
BootHole GRUB2 Bootloader Security Exploit Discovered, Affects Billions Of Windows And Linux Devices
‘BootHole’ Secure Boot Threat Found In Most Every Linux Distro, Windows 8 And 10
- Login or register to post comments
- Printer-friendly version
- 6870 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
Linux distros fix new Boothole bug
Linux distros fix new Boothole bug
What's visible so far
Billions of Devices Impacted by Secure Boot Bypass
BootHole GRUB2 Bootloader Security Exploit Discovered, Affects Billions Of Windows And Linux Devices
New Security Hole Puts Windows and Linux Users at Risk
'BootHole' attack impacts Windows and Linux systems using GRUB2 and Secure Boot
‘BootHole’ Secure Boot Threat Found In Most Every Linux Distro, Windows 8 And 10
Linux distros fix new Boothole bug
A long list of GRUB2 secure-boot holes
Mitigating BootHole – ‘There’s a hole in the boot’ – CVE-2020-10713 and related vulnerabilities
Flaw in GRUB 2 Boot Loader Threatens Many Linux Systems
BootHole Blows Hole In GRUB2 Bootloader Security, Including UEFI SecureBoot
BootHole and Seven Other Vulnerabilities Patched in GRUB2, Update Your Distros Now
SUSE addresses BootHole security exposure
SUSE addresses BootHole security exposure
Vulnerability found in GRUB2 bootloader, nicknamed ‘BootHole’
Vulnerability found in GRUB2 bootloader, nicknamed ‘BootHole’, comproming Secure Boot
New BootHole flaw in Secure Boot affects a huge number of Linux
New BootHole flaw in Secure Boot affects a huge number of Linux and Windows systems