CyberSecurityBoard
Sponsor Register Login

Linux Boot Vulnerability Allows Bypass of Secure Boot Protections on Modern Linux Systems

The attack exploits debug shells accessible during boot failures, enabling persistent malware injection that survives system reboots and maintains access even after users enter correct passwords for encrypted partitions. Attackers with physical access can bypass Secure Boot protections by exploiting debug shells in the initramfs during boot failures. Multiple incorrect password entries trigger debug access, allowing injection of persistent malware into unsigned initramfs components. Fedora 42 and AlmaLinux 10 present unique challenges as their default initramfs lacks the usb_storage kernel module, but attackers can circumvent this by triggering reboots using Ctrl+Alt+Delete and selecting rescue entries, reads the report. The vulnerability represents what security experts classify as an “evil maid” attack scenario, requiring temporary physical access to compromised systems. These parameters force the system to halt instead of providing debug shell access during boot failures. Additional protective measures include configuring bootloader password requirements for system booting, enabling SSD native encryption, and implementing LUKS encryption for boot partitions.

This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 07 Jul 2025 11:20:14 +0000


Cyber News related to Linux Boot Vulnerability Allows Bypass of Secure Boot Protections on Modern Linux Systems

Critical 'LogoFAIL' Bugs Offer Secure Boot Bypass for Millions of PCs - Researchers have uncovered "LogoFAIL," a set of critical vulnerabilities present in the Unified Extensible Firmware Interface ecosystem for PCs. Exploitation of the vulnerabilities nullify essential endpoint security measures and provide attackers ...
2 years ago Darkreading.com
Secure Boot bypass risk on nearly 200,000 Linux Framework systems - A critical security vulnerability has been identified affecting nearly 200,000 Linux Framework systems, allowing attackers to bypass Secure Boot protections. Secure Boot is a vital security feature designed to ensure that only trusted software is ...
1 month ago Bleepingcomputer.com
CVSS 9.8 Bootkit Bug in shim.efi - A Microsoft researcher found it-and it's somehow Microsoft's fault. A critical vulnerability in most Linux distributions now has a patch ready. Enterprise users especially need this if booting using HTTP or PXE. So go get it. In today's SB Blogwatch, ...
1 year ago Securityboulevard.com CVE-2023-40547
LogoFail vulnerability affects many Windows and Linux devices - Many commercial computers are vulnerable to a set of vulnerabilities that exploit flaws in the processing of startup logos during boot. ADVERTISEMENT. Security researchers at Binarly have disclosed security vulnerabilities in system firmware used by ...
1 year ago Ghacks.net
Linux Distros Hit by RCE Vulnerability in Shim Bootloader - Linux shim, a small piece of code that many major Linux distros use during the secure boot process, has a remote code execution vulnerability in it that gives attackers a way to take complete control of affected systems. All Linux distributions that ...
1 year ago Darkreading.com CVE-2023-40547
Shim Bug Uncovered: A Ten-Year Security Breach in Linux Boot Loaders - In the dynamic realm of cybersecurity, discovering a significant flaw in every Linux boot loader signed in the past decade has underscored the pervasive nature of potential threats. This blog explores the intricacies of the Shim bug, its implications ...
1 year ago Cysecurity.news
CVE-2024-36886 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago
Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack - Hundreds of Windows and Linux computer models from virtually all hardware makers are vulnerable to a new attack that executes malicious firmware early in the boot-up sequence, a feat that allows infections that are nearly impossible to detect or ...
1 year ago Arstechnica.com
IT and OT cybersecurity: A holistic approach - In comparison, OT refers to the specialized systems that control physical processes and industrial operations. OT Technologies include industrial control systems, SCADA systems and programmable logic controllers that directly control physical ...
1 year ago Securityintelligence.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
1 year ago Cisa.gov
Linux Boot Vulnerability Allows Bypass of Secure Boot Protections on Modern Linux Systems - The attack exploits debug shells accessible during boot failures, enabling persistent malware injection that survives system reboots and maintains access even after users enter correct passwords for encrypted partitions. Attackers with physical ...
4 months ago Cybersecuritynews.com
Linux Grub Read Command Buffer Overflow Vulnerability Enabling Potential Secure Boot Bypass - This memory corruption could destabilize GRUB’s internal data structures, creating opportunities to subvert Secure Boot’s signature verification process a critical defense against unauthorized operating system or kernel-level malware. It could ...
9 months ago Cybersecuritynews.com
Microsoft uses AI to find flaws in GRUB2, U-Boot, Barebox bootloaders - "While threat actors would likely require physical device access to exploit the U-boot or Barebox vulnerabilities, in the case of GRUB2, the vulnerabilities could further be exploited to bypass Secure Boot and install stealthy bootkits or potentially ...
8 months ago Bleepingcomputer.com
New HybridPetya ransomware can bypass UEFI Secure Boot - A new variant of the notorious Petya ransomware, dubbed HybridPetya, has been discovered with the capability to bypass UEFI Secure Boot, a critical security feature designed to prevent unauthorized firmware, operating systems, or UEFI drivers from ...
2 months ago Bleepingcomputer.com
Microsoft fixes Linux boot issues on dual-boot Windows systems - Microsoft has fixed a known issue preventing Linux from booting on dual-boot systems with Secure Boot enabled after installing the August 2024 Windows security updates. Microsoft confirmed the known issue following widespread reports, ...
6 months ago Bleepingcomputer.com CVE-2022-2601
Secure Workload and Secure Firewall: The recipe for a robust zero trust cybersecurity strategy - You hear a lot about zero trust microsegmentation these days and rightly so. While a host-based enforcement approach is immensely powerful because it provides access to rich telemetry in terms of processes, packages, and CVEs running on the ...
1 year ago Feedpress.me
CVE-2022-27632 - Cross-site request forgery (CSRF) vulnerability in Rebooter(WATCH BOOT nino RPC-M2C [End of Sale] all firmware versions, WATCH BOOT light RPC-M5C [End of Sale] all firmware versions, WATCH BOOT L-zero RPC-M4L [End of Sale] all firmware versions, ...
3 years ago
CVE-2022-28717 - Cross-site scripting vulnerability in Rebooter(WATCH BOOT nino RPC-M2C [End of Sale] all firmware versions, WATCH BOOT light RPC-M5C [End of Sale] all firmware versions, WATCH BOOT L-zero RPC-M4L [End of Sale] all firmware versions, WATCH BOOT mini ...
3 years ago
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
1 year ago Cisa.gov
Zero Trust Security: How to Secure Critical Infrastructure - Zero trust security is a critical component of any organization's security strategy that enables organizations to protect their data and systems from malicious actors, cyber threats, and unauthorized access. With the ever-evolving cyber threats ...
2 years ago Csoonline.com
Creating a New Market for Post-Quantum Cryptography - A day in the busy life of any systems integrator includes many actions that revolve around the lifeblood of its business - its customers. Systems integrators help solve evolving customer business challenges, which in turn adds partner value. It's a ...
1 year ago Securityboulevard.com
The Embedded Systems and The Internet of Things - The Internet of Things is a quite new concept dealing with the devices being connected to each other and communicating through the web environment. This concept is gaining its popularity amongst the embedded systems that exist - let's say - 10 or ...
1 year ago Cyberdefensemagazine.com
Clevo Devices Boot Guard Private Key Exposed Via Firmware Update Packages - Boot Guard private keys were found exposed within firmware update packages, potentially allowing attackers to bypass critical security protections in affected devices. Researchers at Binary Research have uncovered that private cryptographic keys used ...
8 months ago Cybersecuritynews.com
Cisco Secure Access Extends SSE With Mobile Zero Trust - Earlier this year, we introduced Cisco Secure Access, a security service edge solution that combines a secure web gateway, cloud access security broker, firewall-as-a-service, zero trust access and more, to help organizations address this challenge ...
1 year ago Feedpress.me
Embedded Linux IoT Security: Defending Against Cyber Threats - Embedded Linux IoT systems are now essential parts of many different kinds of products, from industrial machinery and smart appliances to medical equipment and automobile systems. As Embedded Linux is being used widely, it has attracted the attention ...
1 year ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)