How to Fix Boot Hole vulnerability CVE-2020-1073








This Boot hole vulnerability let attackers to take over the boot process and disrupt operation of the System.

RedHat team is working on an update to fix this bug.

As part of our Server Support Services, we have help our customers to protect their Linux Systems against any attack.

In this context, we shall look into boot hole vulnerability and how to  minimize such security concerns.

More about Boot Hole vulnerability CVE-2020-1073?

BootHole system vulnerability in GRUB2 bootloader lets an intruder or attacker to take advantage of the security flaw in Windows and Linux systems to do exploits. This affects the system during the boot process and therefore causes disruptions in operation.

This vulnerability seems to affect systems utilizing Secure Boot as well as those using GRUB2. Therefore, it affects all Linux distribution.

How to minimize risk of these attacks

With time RedHat will provide a patch to fix this bug as they are currently working on it.
For now, it is best not to apply updates in the grub2 , fwupdate until this security concern is fixed with the upcoming patch.
However, the following precaution is recommended to protect your system.

Before you reboot the system

i. Check that the packages are not updated and if updated already, there is need for your to downgrade with the following command;

yum downgrade shim\* grub2\* mokutil


ii. Place a security instruction in the yum configuration file "/etc/yum.conf" to stop any upgrade in the "grub2" package. Use the command below;

exclude=grub2* shim* mokutil


After you reboot the system

i. Use the RHEL DVD in the Troubleshooting  mode when booting up the system.
ii. Configure the network.
iii. Use the chroot  feature as seen below;

chroot /mnt/sysimage


iv. Next, you should perform a downgrade of the concerned packages with the following command;

yum downgrade shim\* grub2\* mokutil


v. As earlier advised, protect any upgrade of the grub2 packages  in the yum configuration file "/etc/yum.conf" with the following attribute;

exclude=grub2* shim* mokutil


vi. Exit the chroot and reboot the system with the following command;

exit
exit


Need support in protecting your Linux System? Consult us Today.


Conclusion

Just recently, on the 29th, July 2020, Popular Linux Distribution RedHat announced that there was a great security concern in the grub2 (CVE-2020-1073) version.


For Linux Tutorials

We create Linux HowTos and Tutorials for Sys Admins. Visit us on LinuxAPT.com

Also for Tech related tips, Visit forum.outsourcepath.com or General Technical tips on www.outsourcepath.com