Serious Discussion Critical vulnerability affecting most Linux distros allows for bootkits

MuzzMelbourne

MuzzMelbourne

Level 15
Thread author
Verified
Top Poster
Well-known
Mar 13, 2022
599
Linux developers are in the process of patching a high-severity vulnerability that, in certain cases, allows the installation of malware that runs at the firmware level, giving infections access to the deepest parts of a device where they’re hard to detect or remove.


The vulnerability resides in shim, which in the context of Linux is a small component that runs in the firmware early in the boot process before the operating system has started. More specifically, the shim accompanying virtually all Linux distributions plays a crucial role in secure boot, a protection built into most modern computing devices to ensure every link in the boot process comes from a verified, trusted supplier. Successful exploitation of the vulnerability allows attackers to neutralize this mechanism by executing malicious firmware at the earliest stages of the boot process before the Unified Extensible Firmware Interface firmware has loaded and handed off control to the operating system.
Click to expand...
arstechnica.com

Critical vulnerability affecting most Linux distros allows for bootkits

Buffer overflow in bootloader shim allows attackers to run code each time devices boot up.
arstechnica.com arstechnica.com
 
  • Like
  • Wow
  • +Reputation
Reactions: oldschool, R3j3ct, vtqhtr413 and 3 others

Similar threads

CyberTech
    • Like
    • +Reputation
Security News LogoFAIL bugs in UEFI code allow planting bootkits via images
Replies
2
Views
1,836
Security News
Andy Ful
Andy Ful
Gandalf_The_Grey
    • Like
    • +Reputation
Malware News Red Hat warns of backdoor in XZ tools used by most Linux distros
Replies
3
Views
1,660
Security News
Practical Response
Practical Response
[correlate]
    • Like
    • +Reputation
    • Wow
Security News Fortinet Warns of Critical FortiOS SSL VPN Vulnerability Under Active Exploitation
Replies
1
Views
732
Security News
LennyFox
L

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top