Description
EDK2 contains a vulnerability in BIOS where an attacker may cause “Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and Availability.
A flaw was found in EDK2 (EFI Development Kit 2). This vulnerability allows an attacker to cause arbitrary command execution and impact Confidentiality, Integrity, and Availability via improper input validation by local access.
Report
This vulnerability is considered Important because it compromises a key security control in the boot chain, Secure Boot enforcement, by allowing an unsigned kernel to be loaded through the legacy fallback path when direct-boot signature verification fails. Although exploitation requires high privileges, the flaw enables a reliable and unintended bypass of a protection mechanism explicitly designed to prevent unauthorized code from executing during early boot. This loss of integrity in a security-critical stage gives attackers the opportunity to introduce persistent modifications, tamper with system state, or load manipulated kernels outside the trusted key database. The impact is therefore more significant than a moderate flaw, as it affects a foundational trust anchor rather than a user-space component, and can meaningfully weaken the platform’s security posture even under restricted privilege conditions.
Mitigation
Reduce the risk by disabling direct-boot mode, ensuring all bootable kernels are signed and present in the Secure Boot DB, and restricting privileged access to prevent attackers from introducing unsigned payloads.
Affected packages
| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | edk2 | Affected | | |
| Red Hat Enterprise Linux 8 | edk2 | Affected | | |
| Red Hat Enterprise Linux 9 | edk2 | Affected | | |
| Red Hat OpenShift Container Platform 4 | rhcos | Will not fix | | |
Additional information
Status:
8.2 High
CVSS3
Related vulnerabilities
Un-verified kernel bypass Secure Boot mechanism in direct boot mode