Описание
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | does not affect Secure Boot |
| esm-infra-legacy/trusty | not-affected | does not affect Secure Boot |
| esm-infra/bionic | not-affected | does not affect Secure Boot |
| esm-infra/focal | not-affected | does not affect Secure Boot |
| esm-infra/xenial | not-affected | does not affect Secure Boot |
| focal | not-affected | does not affect Secure Boot |
| impish | ignored | end of life |
| jammy | not-affected | does not affect Secure Boot |
| kinetic | not-affected | does not affect Secure Boot |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.187.3~18.04.1 |
| devel | not-affected | 1.193 |
| esm-infra-legacy/trusty | needs-triage | |
| esm-infra/bionic | not-affected | 1.187.3~18.04.1 |
| esm-infra/focal | not-affected | 1.187.3~20.04.1 |
| esm-infra/xenial | needed | |
| focal | released | 1.187.3~20.04.1 |
| jammy | released | 1.187.3~22.04.1 |
| kinetic | ignored | end of life |
| lunar | not-affected | 1.192 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.06-2ubuntu14.1 |
| devel | not-affected | 2.06-2ubuntu17 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | 2.06-2ubuntu14.1 |
| esm-infra/focal | not-affected | 2.06-2ubuntu14.1 |
| esm-infra/xenial | needed | |
| focal | released | 2.06-2ubuntu14.1 |
| jammy | released | 2.06-2ubuntu14.1 |
| kinetic | ignored | end of life |
| lunar | not-affected | 2.06-2ubuntu16 |
Показывать по
EPSS
6.7 Medium
CVSS3
Связанные уязвимости
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain.
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain.
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on ...
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain.
EPSS
6.7 Medium
CVSS3