公告ID: KYLIN-2020-10713
安全等级: 中等
产品: Kylin V3
发布日期: 2020年7月29日
CVE: CVE-2020-10713
CVSS3评分: 8.2
概述:
Kernel and kernel-rt packages as shipped with Red Hat Enterprise Linux 7 and 8 are being updated to contain the new Red Hat certificate for secure boot. 描述:
A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. 系统版本:
KYLIN 3.3.x
KYLIN 3.3.x
KYLIN 3.3.x
KYLIN 3.3.x
KYLIN 3.4.x
KYLIN 3.4.x
KYLIN 3.4.x
KYLIN 3.4.x
KYLIN 3.3.x
KYLIN 3.3.x
KYLIN 3.3.x
KYLIN 3.4.x
KYLIN 3.4.x
KYLIN 3.4.x
受影响包列表:
dbxtool
kernel
kernel-alt
kernel-rt
dbxtool
fwupdate
kernel
kernel-rt
fwupdate-0:12-6.el7_8
grub2-1:2.02-0.86.el7_8
shim-0:15-7.el7_9
fwupd-0:1.1.4-7.el8_2
grub2-1:2.02-87.el8_2
shim-0:15-14.el8_2