3 matches found
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : GRUB2 regression (USN-4432-2)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4432-2 advisory. USN-4432-1 fixed vulnerabilities in GRUB2 affecting Secure Boot environments. Unfortunately, the update introduced regressions for some BI...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : GRUB 2 vulnerabilities (USN-4432-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4432-1 advisory. Jesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were...
grub2: Fail kernel validation without shim protocol
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim...