Multiple vulnerabilities have been discovered in GRUB2, the most severe of which could allow for complete system compromise. GRUB2 is a popular Linux bootloader that works with UEFI secure boot. A boot loader is a piece of software that is designed to load and hand over control to the operating system when the system is first turned on. UEFI secure boot is a verification method added to the boot up process used to verify binaries loaded during bootup against a list of known trusted binary files. Successful exploitation of the most severe of theses vulnerabilities could allow for arbitrary code execution and lead to complete compromise of the local system
Multiple vulnerabilities have been discovered in GRUB2, the most severe of which could allow for complete compromise of the local system. Details of these vulnerabilities are as follows:
- A vulnerability exists when parsing grub.cfg that could allow loading of arbitrary code (CVE-2020-10713)
- A heap-based buffer overflow vulnerability exists that can impact the integrity, confidentiality, and availability of the local machine. (CVE-2020-14308)
- Multiple integer buffer overflow vulnerabilities exist. (CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-15707)
- A use-after-free vulnerability exists that could allow for arbitrary code execution (CVE-2020-15706)
Successful exploitation of the most severe of theses vulnerabilities could allow for arbitrary code execution and lead to complete compromise of the local system.
Recommendations
- Apply appropriate patches to vulnerable systems immediately after appropriate testing.
- Enforce password complexity, using NIST Special Publication 800-63B, Appendix A as a reference
- Enforce physical security to prevent unauthorized access to the local machine.
- The MS-ISAC has been informed that multiple distributions of Linux have experienced problems after patching GRUB2. We strongly recommend testing any patches before applying them to live systems and making backups before going live with any changes.