We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | canonical |
Reserved | 2022-04-05 |
Published | 2023-07-20 |
Updated | 2024-10-24 |
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Julian Andres Klode
https://www.openwall.com/lists/oss-security/2022/06/07/5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28735
https://security.netapp.com/advisory/ntap-20230825-0002/