Summary

Security Advisory ID : BSA-2020-1053

Component : GRUB2

Revision : 1.0: Initial

Security Researchers from Eclypsium disclosed “BootHole.” (1), (2).
“BootHole” vulnerability in the GRUB2 bootloader opens up Windows and Linux devices using Secure Boot to attack. All operating systems using GRUB2 with Secure Boot must release new installers and bootloaders. 

The vulnerability was assigned CVE-2020-10713.

Overview of CVE-2020-10713
The GRUB2 boot loader is vulnerable to buffer overflow, which results in arbitrary code execution during the boot process, even when Secure Boot is enabled.

Additional vulnerabilities
In response to Eclypsium's initial vulnerability report, additional scrutiny was applied to the GRUB2 code. The Canonical security team discovered many other vulnerabilities:

CVE-2020-14308 GRUB2: grub_malloc does not validate allocation size allowing for arithmetic overflow and subsequent heap-based buffer overflow

CVE-2020-14309 GRUB2: Integer overflow in grub_squash_read_symlink may lead to heap based overflow

​CVE-2020-14310 GRUB2: Integer overflow read_section_from_string may lead to heap based overflow

CVE-2020-14311 GRUB2: Integer overflow in grub_ext2_read_link leads to heap based buffer overflow,

CVE-2020-15705 GRUB2: avoid loading unsigned kernels when grub is booted directly under secure boot without shim

CVE-2020-15706 GRUB2 script: Avoid a use-after-free when redefining a function during execution

CVE-2020-15707 GRUB2: Integer overflow in initrd size handling.

(1). https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/

(2). https://kb.cert.org/vuls/id/174059

Affected Products

No Brocade Fibre Channel Products from Broadcom are currently known to be affected by these vulnerabilities. 

Note

Brocade Manageability products are not vulnerable to "BootHole" and variants. However, since the environment that runs the products is not under Brocade's control, Brocade recommends Customers to apply recommendations from the vendors. 

Revision History