Canonical Fixes Secure Boot Bypass Flaw
Numerous Ubuntu installations have been subject to two particular vulnerabilities (CVE-2019-20908 and CVE-2020-15780) that could allow an attacker to bypass Secure Boot restrictions and execute binary code within the confines of the Linux kernel. Affected Ubuntu releases include those running kernel 4.15 and 5.4, so 14.04 ESM, 16.04, 16.04.6, 18.04, 18.04.4, and 20.04.
The CVE-2019-20908 (kernels 4.4.0 and 4.15.0) vulnerability was discovered to include incorrect access permissions for the efivar_ssdt ACPI variable. This vulnerability was listed as a medium priority.
The CVE-2020-15780 (kernel 5.4) vulnerability was discovered to allow the injection of malicious ACPI tables, via configfs, which could then be used by attackers to bypass lockdown and secure boot restrictions. This vulnerability was also listed as medium priority.
This particular security patch also fixes four other vulnerabilities:
- CVE-2020-11935 (affects all supported Ubuntu releases) which could allow an attacker to cause a DOS (Denial Of Service) attack.
- CVE-2019-16089 and CVE-2019-19462, both of which could allow an attacker to cause a DOS attack via the network block device and kernel user space relay implementations.
- CV-2020-10757 which would allow an attacker to access DAX storage to gain admin privileges.
It is important for any admin who manages affected Ubuntu systems to update immediately.
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.