Hello,
We have identified a vulnerability resulting from an insecure default
configuration of OVMF/AAVMF
and similar firmware as used in Ubuntu's edk2 package, the firmware
used by LXD, and potentially other similar software
Said EDK2 based firmwares implement UEFI Secure Boot functionality but
also contain a copy of the UEFI Shell,
this gives a ...