![]() ![]() The latter 3 of these are Ubuntu components, while the former is provided by the device OEM. These consist of the UEFI platform firmware (aka UEFI BIOS), shim, the GRUB2 bootloader and the Linux kernel. In this blog post we will discuss these vulnerabilities as well as the changes that have been made to Ubuntu to both mitigate them, and to make the update process easier for any future similar scenarios.Īs discussed back in August 2020, the UEFI Secure Boot process in Ubuntu is supported by a number of different components, all working together to ensure that only trusted bootloaders and operating systems are able to run. Because GRUB2 is a key component of the boot process, vulnerabilities in it can permit attackers to violate the integrity promises of UEFI Secure Boot. Today, another set of vulnerabilities in GRUB2 were disclosed, with similar implications. In August 2020, a set of security vulnerabilities in GRUB2 (the GRand Unified Bootloader version 2) collectively known as BootHole were disclosed.
0 Comments
Leave a Reply. |