News: Multiple New Security Issues Hit GRUB Bootloader Around Secur...

Advisories

Discover Security Vulnerabilities News

Discover How To Secure My Firewall HOWTOs

Multiple New Security Issues Hit GRUB Bootloader Around Secure Boot

Multiple New Security Issues Hit GRUB Bootloader Around Secure Boot

Last summer, the GRUB bootloader was impacted by "BootHole" with security issues hitting its UEFI Secure Boot support. Now a new round of GRUB2 vulnerabilities affecting its UEFI Secure Boot support have been made public.

A new set of GRUB2 security vulnerabilities were made public today affecting its UEFI Secure Boot support. A set of eight CVEs were issued in 2020 and this year for the new issues. The issues include the possibility of specially crafted ACPI tables being loaded even if Secure Boot is active, memory corruption in GRUB's menu rendering, use-after-free in rmmod functionality, the cutmem command allowing privileged users to disable certain memory regions and in turn Secure Boot protections, arbitrary code execution even if Secure Boot is enabled, GRUB 2.05 accidentally re-introducing one of last year's vulnerabilities, and memory corruption from crafted USB device descriptors that could lead to arbitrary code execution.

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.