BootHole: Bypass Secure Boot in GRUB2

18 August 2020 by Phillip Johnston • Last updated 15 August 2023

Researchers at Eclypsium discovered a major security flaw in the widely used GRUB2 bootloader, which is used on Windows and Linux devices. The vulnerability, dubbed “BootHole”, is triggered by a buffer overflow during the parsing of the grub.cfg file. Modifying this file does not alter the integrity of the signed vendor shim or GRUB2 bootloader executables. An attacker with administrator privileges can modify the grub.cfg file to trigger the overflow without being detected.

Impact

This vulnerability gives an attacker “virtually unlimited control over the victim device”. Most notably, it …