Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
No PoCs from references.
- https://github.com/ARPSyndicate/cvemon
- https://github.com/EuroLinux/shim-review
- https://github.com/Fortinetofficial/shim-review
- https://github.com/Jurij-Ivastsuk/WAXAR-shim-review
- https://github.com/NaverCloudPlatform/shim-review
- https://github.com/Rodrigo-NR/shim-review
- https://github.com/amzdev0401/shim-review-backup
- https://github.com/baramundisoftware/ShimReview_2024
- https://github.com/bitraser/shim-review-15.4
- https://github.com/coreyvelan/shim-review
- https://github.com/ctrliq/ciq-shim-build
- https://github.com/ctrliq/shim-review
- https://github.com/jason-chang-atrust/shim-review
- https://github.com/jsegitz/shim-review-nonfork
- https://github.com/lenovo-lux/shim-review
- https://github.com/luojc123/shim-nsdl
- https://github.com/mwti/rescueshim
- https://github.com/neppe/shim-review
- https://github.com/neverware/shim-review
- https://github.com/ozun215/shim-review
- https://github.com/pauljrowland/BootHoleFix
- https://github.com/puzzleos/uefi-shim_review
- https://github.com/rhboot/shim-review
- https://github.com/synackcyber/BootHole_Fix
- https://github.com/vathpela/shim-review
- https://github.com/zeetim/shim-review