GNU GRUB (Grand Unified Bootloader) is software that manages the boot process of computers. This vulnerability allows an attacker to crash GRUB, leading to a Denial of Service (DoS). If your system boots with GRUB, you're at risk.
You're affected if you use GNU GRUB versions 2.06-2.08. This is a local access vulnerability requiring expertise to exploit; the attack complexity is high due to the need for low-level system knowledge. Check with: grub --version on Linux systems or grub-bios --version on BIOS systems.
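As an added example (not part of the original advisory), the shell function below classifies a GRUB version banner against the ranges stated above: 2.06-2.08 affected, 2.09 or later fixed. It assumes the "<tool> (GRUB) <version>" banner that grub-install --version prints (grub2-install on some distributions); those tool names, the status labels and the sample banners are choices of this example.

```shell
#!/bin/sh
# Added example (not from the original page): classify a GRUB version banner
# against the ranges the page states: 2.06-2.08 affected, 2.09 or later fixed.

# Print affected | fixed | not-listed | unknown for one banner line.
# Assumes the "<tool> (GRUB) <major>.<minor>..." banner format.
grub_version_status() {
    # Capture major and minor; "0*" drops the leading zero so "08" is a plain
    # decimal for the numeric tests. Suffixes such as "-2ubuntu7" are ignored.
    ver=$(printf '%s\n' "$1" |
        sed -n 's/^.*(GRUB) \([0-9][0-9]*\)\.0*\([0-9][0-9]*\).*$/\1 \2/p')
    if [ -z "$ver" ]; then
        echo unknown
        return 0
    fi
    major=${ver% *}
    minor=${ver#* }
    if [ "$major" -gt 2 ]; then
        echo fixed
    elif [ "$major" -lt 2 ] || [ "$minor" -lt 6 ]; then
        echo not-listed          # older than the range the page names
    elif [ "$minor" -le 8 ]; then
        echo affected
    else
        echo fixed
    fi
}

# Constructed sample banners, so the script runs without GRUB installed.
for banner in \
    "grub-install (GRUB) 2.06-2ubuntu7" \
    "grub2-install (GRUB) 2.08" \
    "grub-install (GRUB) 2.09" \
    "grub-install (GRUB) 2.04-1" \
    "no version here"
do
    printf '%-40s %s\n' "$banner" "$(grub_version_status "$banner")"
done

# Check the local installation when one of the usual tools is on PATH.
for tool in grub-install grub2-install; do
    if command -v "$tool" >/dev/null 2>&1; then
        banner=$("$tool" --version 2>/dev/null | head -n 1)
        printf 'local %s: %s\n' "$tool" "$(grub_version_status "$banner")"
    fi
done
```

Distribution packages often backport fixes without changing the upstream version number, so an "affected" result from the banner alone should be confirmed against the distribution's own security tracker.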
To fix this vulnerability, update to GRUB version 2.09 or later from the official GNU GRUB website: https://www.gnu.org/software/grub/manual/grub/Installation.html#Installing-GRUB
Immediate mitigations:
- Disable GRUB's file-closing process by setting grub.cfg to read-only mode (sudo chattr +i /boot/grub/grub.cfg)
- Use a secure boot mechanism (e.g., UEFI firmware settings) if available