Описание
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.
A flaw was found in how the ACPI table loading through the EFI variable (and the related efivar_ssdt boot option) was handled when the Linux kernel was locked down. This flaw allows a (root) privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Отчет
This issue is rated as having Moderate impact because of the privileges required for exploitation.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | kernel | Not affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-alt | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise MRG 2 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2020:3219 | 29.07.2020 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2020:3218 | 29.07.2020 |
| Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions | kernel | Fixed | RHSA-2020:3228 | 29.07.2020 |
| Red Hat Enterprise Linux 8.1 Extended Update Support | kernel | Fixed | RHSA-2020:3222 | 29.07.2020 |
Показывать по
Ссылки на источники
Дополнительная информация
Статус:
6.4 Medium
CVSS3
Связанные уязвимости
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.
An issue was discovered in drivers/firmware/efi/efi.c in the Linux ker ...
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.
ELSA-2020-5791: Unbreakable Enterprise kernel security update (IMPORTANT)
6.4 Medium
CVSS3