CentOS Patch against BootHole

What is the GRUB2 BootHole Vulnerability (CVE-2020-10713)?

BootHole (CVE-2020-10713) is a new high-risk vulnerability that can potentially affect billions of devices worldwide, from servers and workstations to laptops, desktops and IoT systems running nearly any Linux distribution or Windows system.

Exploiting it requires high privileges or physical access, so a serious impact on hosting servers is unlikely.

BootHole resides in the GRUB2 bootloader. If exploited, it could allow attackers to bypass Secure Boot, a feature designed explicitly to prevent unauthorized code from gaining additional privileges and pre-OS persistence. The attacker would thus gain high-privileged, persistent and stealthy access to the targeted systems.

How to fix the BootHole vulnerability?

Any machine running a version of GRUB2 older than 2.06 is affected. To find out which version of GRUB2 you are running, SSH to the server and issue the command:

yum info grub2-common

If you see Version 2.02 or earlier, your machine is vulnerable.

Let's patch it.

How to patch CentOS against BootHole?

Use the commands below:

yum install shim

yum update -y


Now your server is patched against the BootHole vulnerability.
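As an added example (not part of the original article), the check and the two patch commands above can be wrapped in a small shell script: it reads the installed grub2-common version from the RPM database, compares it against the 2.06 threshold the article uses, and only with --fix (as root) runs the same yum commands. The function names, the --check/--fix flags and the 2.06 constant are this example's own assumptions.

```shell
#!/bin/sh
# Threshold taken from the article: GRUB2 older than 2.06 is affected.
# (Assumed constant for this example, not a CentOS tooling value.)
FIXED_GRUB2_VERSION="2.06"

# grub2_version_vulnerable VERSION -> exit 0 if VERSION < 2.06, else 1.
# Compares component by component numerically, so "2.10" is newer than "2.6".
grub2_version_vulnerable() {
    awk -v have="$1" -v fixed="$FIXED_GRUB2_VERSION" 'BEGIN {
        n = split(have, h, "."); m = split(fixed, f, ".")
        len = (n > m) ? n : m
        for (i = 1; i <= len; i++) {
            a = (i <= n) ? h[i] + 0 : 0
            b = (i <= m) ? f[i] + 0 : 0
            if (a < b) exit 0   # older than the fixed version: vulnerable
            if (a > b) exit 1   # newer: not vulnerable
        }
        exit 1                  # equal: not vulnerable
    }'
}

# installed_grub2_version -> prints the package version from the RPM
# database, or nothing if grub2-common (or rpm) is not present.
installed_grub2_version() {
    rpm -q --qf '%{VERSION}\n' grub2-common 2>/dev/null
}

# main [--check|--fix]: report status; with --fix apply the article's commands.
main() {
    ver=$(installed_grub2_version)
    if [ -z "$ver" ]; then
        echo "grub2-common is not installed; nothing to check" >&2
        return 2
    fi
    if grub2_version_vulnerable "$ver"; then
        echo "GRUB2 $ver is older than $FIXED_GRUB2_VERSION: vulnerable to CVE-2020-10713"
        if [ "$1" = "--fix" ]; then
            yum install -y shim && yum update -y
        fi
        return 1
    fi
    echo "GRUB2 $ver is at or above $FIXED_GRUB2_VERSION: not vulnerable"
    return 0
}

# Only act when explicitly asked, so the file can also be sourced for its functions.
case "${1:-}" in
    --check|--fix) main "$@" ;;
esac
```

Run `sh boothole-check.sh --check` to report, or `--fix` as root to apply the update; an exit status of 1 means the installed GRUB2 is below the threshold.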

