CVE-2021-3418

Name
CVE-2021-3418
Description
If certificates that signed grub are installed into db, grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboot mode and will implement lockdown, yet it could have been tampered. This flaw is a reintroduction of CVE-2020-15705 and only affects grub2 versions prior to 2.06 and upstream and distributions using the shim_lock mechanism.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=1933757

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:gnu:grub2:*:*:*:*:*:*:*:* grub2 >= None < 2.06

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
grub edge-main 2.06-r0 Timo Teräs <timo.teras@iki.fi> fixed
grub 3.22-main 2.06-r0 None fixed
grub 3.21-main 2.06-r0 None fixed
grub 3.20-main 2.06-r0 None fixed
grub 3.19-main 2.06-r0 None fixed
grub 3.18-main 2.06-r0 None fixed
grub 3.17-main 2.06-r0 None fixed