As many experts anticipated, patches for the BootHole vulnerability in the GRUB2 bootloader that is used by all major Linux distributions are causing problems and preventing some users from booting their systems.
While the list of affected distros only included Red Hat yesterday, it has now expanded to include users of Ubuntu [1, 2, 3], Debian, CentOS [1, 2], and Fedora.
Microsoft security researcher Kevin Beaumont also reports issues in cloud environments, namely where "a bug in cloud-init is causing problems across major cloud providers with Grub, such as Digital Ocean and Azure, having the same impact: patched systems then fail to boot."
What is BootHole
Details about the BootHole vulnerability were published earlier this week, on Wednesday. Discovered by security firm Eclypsium, the vulnerability impacts GRUB2, a bootloader component used to help launch operating systems on servers and desktops.
GRUB2 is currently the default bootloader on all major Linux systems but is also used for Windows, in some scenarios, such as a custom bootloader or for dual-boot purposes.
The BootHole vulnerability allows attackers or malware to modify GRUB2's config file and insert malicious code into the bootloader and, by extension, the operating system that it launches.
Systems using GRUB2 in a Secure Boot mode were also deemed vulnerable, as the GRUB2 config file is not protected by the Secure Boot process checks.
The vulnerability was deemed serious enough that all major Linux distros had patches ready when Eclypsium went public with its research earlier this week.
Most experts anticipated problems
The issues were to be expected, Kelly Shortridge, VP of cybersecurity firm Capsule8, said in a blog post this week, where she analyzed the impact of the BootHole vulnerability on system administrators.
Because patching BootHole involves dancing around advanced cryptography, the safety checks of the Secure Boot process, and working with an allowlist-denylist managed by Microsoft, everyone expected issues to arise.
And so they did. As ZDNet reported yesterday, the first issues were reported with Red Hat, but more bug reports are now coming in from other distros.
Because a bug in GRUB2 usually stops the entire OS from booting, the issues result in downtime for those affected. In all cases, users reported that downgrading systems to a previous release to reverse the BootHole patches usually fixed their problems.
Regardless of the reported problems, users are still advised to apply the BootHole patches, as security researchers expect this bug to be weaponized by malware operators at some point in the future -- primarily because it allows malware to implant a bootkit component on infected systems that operates below the antivirus level and survives OS reinstalls.