CVE-2020-15705
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-15705
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15705.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-15705
- Related
- Published
- 2020-07-29T18:15:14Z
- Modified
- 2024-09-03T03:17:29.632265Z
- Severity
-
- 6.4 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.
- References
-
- http://ubuntu.com/security/notices/USN-4432-1
- https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011
- https://security.gentoo.org/glsa/202104-05
- https://security.netapp.com/advisory/ntap-20200731-0008/
- https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00067.html
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00069.html
- http://www.openwall.com/lists/oss-security/2020/07/29/3
- http://www.openwall.com/lists/oss-security/2021/03/02/3
- http://www.openwall.com/lists/oss-security/2021/09/17/2
- http://www.openwall.com/lists/oss-security/2021/09/17/4
- http://www.openwall.com/lists/oss-security/2021/09/21/1
- https://www.openwall.com/lists/oss-security/2020/07/29/3
- https://access.redhat.com/security/vulnerabilities/grub2bootloader
- https://usn.ubuntu.com/4432-1/
- https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass
- https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/
- https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/
- https://www.suse.com/support/kb/doc/?id=000019673
- https://security.alpinelinux.org/vuln/CVE-2020-15705
Affected packages
Alpine:v3.17 / grub
Package
- Name
- grub
- Purl
- pkg:apk/alpine/grub?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.06-r0
Affected versions
2.*
2.02_beta3-r0
2.02_beta3-r1
2.02_beta3-r2
2.02_beta3-r3
2.02_beta3-r4
2.02_beta3-r5
2.02_beta3-r6
2.02_beta3-r7
2.02-r0
2.02-r1
2.02-r2
2.02-r3
2.02-r4
2.02-r5
2.02-r6
2.02-r7
2.02-r8
2.02-r9
2.02-r10
2.02-r11
2.02-r12
2.02-r13
2.02-r14
2.02-r15
2.02-r16
2.02-r17
2.02-r18
2.02-r19
2.02-r20
2.04-r0
2.04-r1
2.04-r2
2.04-r3
Alpine:v3.18 / grub
Package
- Name
- grub
- Purl
- pkg:apk/alpine/grub?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.06-r0
Affected versions
2.*
2.02_beta3-r0
2.02_beta3-r1
2.02_beta3-r2
2.02_beta3-r3
2.02_beta3-r4
2.02_beta3-r5
2.02_beta3-r6
2.02_beta3-r7
2.02-r0
2.02-r1
2.02-r2
2.02-r3
2.02-r4
2.02-r5
2.02-r6
2.02-r7
2.02-r8
2.02-r9
2.02-r10
2.02-r11
2.02-r12
2.02-r13
2.02-r14
2.02-r15
2.02-r16
2.02-r17
2.02-r18
2.02-r19
2.02-r20
2.04-r0
2.04-r1
2.04-r2
2.04-r3
Alpine:v3.19 / grub
Package
- Name
- grub
- Purl
- pkg:apk/alpine/grub?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.06-r0
Affected versions
2.*
2.02_beta3-r0
2.02_beta3-r1
2.02_beta3-r2
2.02_beta3-r3
2.02_beta3-r4
2.02_beta3-r5
2.02_beta3-r6
2.02_beta3-r7
2.02-r0
2.02-r1
2.02-r2
2.02-r3
2.02-r4
2.02-r5
2.02-r6
2.02-r7
2.02-r8
2.02-r9
2.02-r10
2.02-r11
2.02-r12
2.02-r13
2.02-r14
2.02-r15
2.02-r16
2.02-r17
2.02-r18
2.02-r19
2.02-r20
2.04-r0
2.04-r1
2.04-r2
2.04-r3
Alpine:v3.20 / grub
Package
- Name
- grub
- Purl
- pkg:apk/alpine/grub?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.06-r0
Affected versions
2.*
2.02_beta3-r0
2.02_beta3-r1
2.02_beta3-r2
2.02_beta3-r3
2.02_beta3-r4
2.02_beta3-r5
2.02_beta3-r6
2.02_beta3-r7
2.02-r0
2.02-r1
2.02-r2
2.02-r3
2.02-r4
2.02-r5
2.02-r6
2.02-r7
2.02-r8
2.02-r9
2.02-r10
2.02-r11
2.02-r12
2.02-r13
2.02-r14
2.02-r15
2.02-r16
2.02-r17
2.02-r18
2.02-r19
2.02-r20
2.04-r0
2.04-r1
2.04-r2
2.04-r3