CVE-2020-15705

Published: 29 July 2020

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.

From the Ubuntu security team

Mathieu Trudel-Lapierre discovered that in certain situations, GRUB2 failed to validate kernel signatures. A local attacker could use this to bypass Secure Boot restrictions.

Priority

Medium

CVSS 3 base score: 6.4

Status

Package Release Status
grub2
Launchpad, Ubuntu, Debian 		Upstream Needs triage

Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
(2.04-1ubuntu26.1)
Ubuntu 20.10 (Groovy Gorilla) Not vulnerable
(2.04-1ubuntu26.1)
Ubuntu 20.04 LTS (Focal Fossa)
Released (2.04-1ubuntu26.1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (2.02-2ubuntu8.16)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (2.02~beta2-36ubuntu3.26)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (2.02~beta2-9ubuntu1.20)
grub2-signed
Launchpad, Ubuntu, Debian 		Upstream Needs triage

Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
(1.147)
Ubuntu 20.10 (Groovy Gorilla) Not vulnerable
(1.147)
Ubuntu 20.04 LTS (Focal Fossa)
Released (1.142.3)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (1.93.18)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (1.66.26)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (1.34.22)

Notes

AuthorNote
amurray 
grub2-signed is not supported in Ubuntu 12.04 ESM (precise/esm) and so marking the priority for grub2 in this release as low

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM

Further reading