Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2020-14372  

GRUB2 enables the use of the command acpi even when secure boot is signaled by the firmware. An attacker with local root privileges can drop a small SSDT in /boot/efi and modify grub.cfg to instruct grub to load said SSDT. The SSDT then gets run by the kernel and it overwrites the kernel lockdown configuration enabling the attacker to load unsigned kernel modules and kexec unsigned code.

Source
Severity Medium

Remote No

Type Arbitrary code execution

Description 

GRUB2 enables the use of the command acpi even when secure boot is signaled by the firmware. An attacker with local root privileges can drop a small SSDT in /boot/efi and modify grub.cfg to instruct grub to load said SSDT. The SSDT then gets run by the kernel and it overwrites the kernel lockdown configuration enabling the attacker to load unsigned kernel modules and kexec unsigned code.

AVG-1629 grub 2:2.04-10 2:2.04.r340.g8fcfd1e0f-1 Medium Testing 

https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html
https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=3e8e4c0549240fa209acffceb473e1e509b50c95

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started