A critical vulnerability dubbed as BootHole has been discovered to be affecting Windows and Linux Systems. Tracked as (CVE-2020-10713), a buffer overflow vulnerability in GRUB2 bootloader, a piece of software that loads an Operating System (OS) into memory when a system boots up. The flaw exists in how GRUB2 parses content from the config file, which is typically not signed like other files and executables, leaving an opportunity for attackers to break the hardware root of trust mechanism. This can be leveraged to compromise the boot process of an affected system that can allow attackers to control how the operating system is loaded, allowing them to disable further integrity checks.

To exploit the flaw, an attacker must need to have an administrator, elevated privileges, or local access to a vulnerable device to launch the attack. However, successful exploitation could potentially grant attackers to bypass the Secure Boot mechanism, gain high-privileged access and persistence over targeted systems.

Official patch for the vulnerability has not yet been released and operating system manufacturers are still working ways to address the issue. Hence the manufacturers provided a temporary fix for the operating system they’re responsible for.

Other vulnerabilities found on GRUB2 bootloader:
• CVE-2020-14308 Buffer overflow
• CVE-2020-14309 Heap based overflow
• CVE-2020-14310 Heap based overflow
• CVE-2020-14311 Heap based overflow
• CVE-2020-15705 Unsigned kernel load
• CVE-2020-15706 Use-after-free
• CVE-2020-15707 Integer overflow

Affected Versions:
All Linux Distribution
All Windows Operating System.

For more details and fix on the vulnerability check link provided by the operating system manufacturer/s:
Ubuntu: https://ubuntu.com/…/mitigating-boothole-theres-a-hole-in-t…

Microsoft:
https://portal.msrc.microsoft.com/…/secu…/advisory/ADV200011

Red Hat:
https://access.redhat.com/s…/vulnerabilities/grub2bootloader

Debian:
https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot/

SuSE (SLES and OpenSUSE)
https://www.suse.com/c/suse-addresses-grub2-secure-boot-is…/

VMWare:
https://kb.vmware.com/s/article/80181