GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: canonical
Published: 2020-07-29T00:00:00
Updated: 2021-09-21T11:06:32
Reserved: 2020-07-14T00:00:00
Link: CVE-2020-15705
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-07-29T18:15:14.187
Modified: 2022-04-18T15:22:21.303
Link: CVE-2020-15705
JSON object: View
Redhat Information
No data.
CWE