Qualys Support Proactive Notification: Red Hat Update for BootHole Vulnerability Renders Systems Unbootable

Himanshu Kathpal

A recently released Red Hat update for the BootHole vulnerability (CVE-2020-10713) is causing certain systems to become unbootable. This issue is reported to occur for updates to the shim, grub2 and kernel packages in RHEL.

If the concerned Red Hat patches have been downloaded on any of your RHEL assets, we recommend referencing the online help documentation provided by Red Hat at the following link in order to immediately remediate the issue before system reboot.

https://access.redhat.com/solutions/5272311

Environment 

This issue is confirmed in the following releases:

  • Red Hat Enterprise Linux (RHEL) 7.8 
  • Red Hat Enterprise Linux (RHEL) 8.2 

It is NOT confirmed in the following releases, but they are potentially affected:

  • Red Hat Enterprise Linux (RHEL) 8.1 EUS 
  • Red Hat Enterprise Linux (RHEL) 7.9 

Issue

UEFI: system hangs after POST and the grub menu never loads after applying the RHSA-2020:3216 and RHSA-2020:3217.

Resolution

As of writing this, Red Hat has fixed the bug in the shim packages. Updated shim packages are now available and can be used in conjunction with previously released grub2, fwupd, and fwupdate packages. 

Below you will also find a list of affected vendors and their acknowledgement of the issue: 

Centos

RHEL

Ubuntu

Debian

Detections

Qualys has released the following detections (QID: title) to identify the vulnerabilities related to CVE-2020-10713: 

  • 256935: CentOS Security Update for grub2 (CESA-2020:3217)
  • 256934: CentOS Security Update for kernel (CESA-2020:3220)
  • 177969: Debian Security Update for grub2 (DSA 4735-2)
  • 158694: Oracle Enterprise Linux Security Update for grub2 (ELSA-2020-5782)
  • 158695: Oracle Enterprise Linux Security Update for grub2 (ELSA-2020-5786)
  • 158696: Oracle Enterprise Linux Security Update for grub2 (ELSA-2020-5790)
  • 173771: SUSE Enterprise Linux Security Update for grub2 (SUSE-SU-2020:2073-1)
  • 173770: SUSE Enterprise Linux Security Update for grub2 (SUSE-SU-2020:2076-1)
  • 173769: SUSE Enterprise Linux Security Update for grub2 (SUSE-SU-2020:2078-1)
  • 173768: SUSE Enterprise Linux Security Update for grub2 (SUSE-SU-2020:2079-1)
  • 197967: Ubuntu Security Notification for Grub2 Vulnerability (USN-4432-1)
Share your Comments

Comments

Your email address will not be published. Required fields are marked *