Security Vulnerability: "Boothole" grub2 UEFI secure boot lockdown bypass

  • 7024765
  • 30-Jul-2020
  • 03-Sep-2020

Environment

Open Enterprise Server 2018 (OES 2018) Linux

Situation

Security researchers from Eclypsium have identified a flaw in grub2 that allows people to access the grub2 prompt, bypass UEFI secure boot lockdown restrictions, and boot unsigned code. This flaw is tracked as CVE-2020-10713.


The attack could allow malware already running as root to persist across reboots, e.g. by becoming boot malware, regardless of the operating system.

Resolution

As the issue is in the booting of SUSE Linux Enterprise Server, please see the related document from SUSE:
 
The patch for grub on OES2018SP1 and OES2018SP2 was released as part of the August updates. 

Engineering is currently researching the possibility of releasing the patch for OES2018 FCS (no support pack). Currently, to obtain the fix for this version, the server will need to be upgraded to OES2018SP1 or OES2018SP2.

Because OES2015SP1 ships on standard SLES11SP4 code, the patches for this issue on OES2015SP1 may be found by following the SUSE links found here:
https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/
When looking for the patches for each CVE listed, locate the patch for SLES11SP4 LTSS.