Critical flaw in Shim bootloader impacts major Linux distros
Posted: Thu Feb 08, 2024 12:25 am
A critical vulnerability in the Shim Linux bootloader enables attackers to execute code and take control of a target system before the kernel is loaded, bypassing existing security mechanisms.
Shim is a small open-source bootloader maintained by Red Hat that is designed to facilitate the Secure Boot process on computers using Unified Extensible Firmware Interface (UEFI).
The tool is signed with a Microsoft key accepted by default on most UEFI motherboards that is used to verify the next stage of the boot process, typically loading the GRUB2 bootloader.
[...]
Critical flaw in Shim bootloader impacts major Linux distros
Shim is a small open-source bootloader maintained by Red Hat that is designed to facilitate the Secure Boot process on computers using Unified Extensible Firmware Interface (UEFI).
The tool is signed with a Microsoft key accepted by default on most UEFI motherboards that is used to verify the next stage of the boot process, typically loading the GRUB2 bootloader.
[...]
Critical flaw in Shim bootloader impacts major Linux distros