Microsoft Sabotages Linux, Then Blames Linux
-
Ars Technica ☛ Critical vulnerability affecting most Linux distros allows for bootkits [Ed: No, the issue here is Microsoft, not "Linux"]
Buffer overflow in bootloader shim allows attackers to run code each time devices boot up.
-
Bleeping Computer ☛ Critical flaw in Shim bootloader impacts major Linux distros [Ed: Microsoft-connected sites are trying to blame "Linux"]
-
Hacker News ☛ Critical Boot Loader Vulnerability in Shim Impacts Nearly All Linux Distros [Ed: This is the fault of Microsofters. They sabotage Linux and then blame "Linux".]
-
Cyber Security News ☛ Linux Shim Bootloader Flaw Expose Most Linux Distros to Code Execution Attacks [Ed: The real issue here is Microsoft and its moles, not Linux. This should not even exist.]
-
TechRadar ☛ Linux devs racing to patch critical security flaw that could allow bootkit installation [Ed: Trying to blame Linux instead of Microsoft]
-
Security Affairs ☛ Critical shim bug impacts every Linux boot loader signed in the past decade [Ed: This just proves what Techrights said since 2012]
The maintainers of Shim addressed six vulnerabilities, including a critical flaw that could potentially lead to remote code execution.
-
Critical Shim Bootloader Flaw Leaves All Linux Distro Vulnerable [Ed: This is Microsoft attacking the security of Linux. Then Linux takes the blame.]
A critical vulnerability in the Shim Linux bootloader has been discovered, enabling attackers to execute code and take control of a target system before the kernel is loaded, bypassing existing security mechanisms.
The flaw, tracked as CVE-2023-40547, affects Shim, a small open-source bootloader maintained by Red Hat, designed to facilitate the Secure Boot process on computers using Unified Extensible Firmware Interface (UEFI).
-
IT News AU ☛ Bootloader bug exposes Linux secure boot
Microsoft’s vulnerability and mitigations team have discovered a bug in a program called Shim, which is used in Linux distributions that support secure boot.
Late one:
-
Linux Distros Hit by RCE Vulnerability in Shim Bootloader
However, not everyone agrees with the NVD's assessment of CVE-2023-40547 being a near-maximum severity bug.
Also late:
-
Linux Devs Rush to Patch Critical Vulnerability in Shim
Linux developers have addressed a new security flaw discovered in Shim, a component crucial for the boot process in Linux-based systems.
This vulnerability poses a significant risk by allowing the installation of malware that operates at the firmware level (secure boot bypass), presenting challenges for detection and removal.
It was never about security:
-
Linux Vendors Squawk: PATCH NOW — CVSS 9.8 Bootkit Bug in shim.efi
A critical vulnerability in most Linux distributions now has a patch ready. Enterprise users especially need this if booting using HTTP or PXE.
-
Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability
Multiple cybersecurity organizations identified a vulnerability in Shim, a small application involved in the secure boot process of most Linux distributions (CVE-2023-40547). A NIST advisory rated the vulnerability as critical with a CVSS score of 9.8, and a Red Hat advisory rated the vulnerability as high with a CVSS score of 8.3. The flaw in Shim’s HTTP protocol handling could enable a network attacker to bypass secure boot, take over vulnerable Linux systems, and execute remote code. Eclypsium noted that an attacker on the same network could alter the reboot execution environment to load a compromised shim loader. This would allow an attacker to gain control of target systems before the machine is able to load the kernel and operating systems, along with their protective measures. Users can mitigate the vulnerability by updating Shim and the secure boot chain of trust to their patched versions.
-
RedHat patches critical flaw in Linux shim bootloader
The maintainers of shim at RedHat have patched a critical vulnerability that could have let an attacker gain privileged access to a Linux system even before the kernel was loaded, potentially leading to a complete system takeover.
When working properly, a shim functions as an early stage bootloader that’s primarily used to let Linux distributions support the Secure Boot process. It’s signed with Microsoft's Third-Party Certificate Authority, which lets the shim become a valid participant in a Secure Boot as configured on most computers.
ZDNet:
-
Shim vulnerability exposes most GNU/Linux systems to attack
This low-level software is the glue that enables GNU/Linux to run on Secure Boot PCs, and it has a nasty problem.
Late coverage:
-
Bootloader Vulnerability Affects Nearly All GNU/Linux Distributions
The developers of shim have released a version to fix numerous security flaws, including one that could enable remote control execution of malicious code under certain circumstances.
Law firm:
-
Security Linux systems exposed to boot loader attack - Hogan Lovells Engage
A high severity vulnerability could allow attackers to take over a Linux system. The vulnerability is in the shim software that supports Secure Boot, which is a standard that certain Linux distributions use to ensure that devices boot only with trusted software from the original equipment manufacturer.
Shim parses HTTP responses, which attackers can exploit to execute privileged code and circumvent any controls implemented by the kernel and the operating system. This flaw is only exploitable in the early boot phase by attackers who perform a Man-in-the-Middle attack, alter the boot order using existing privileges, or use a preboot execution environment. It is only exploitable for systems that are configured to load the boot loader over the network, which is typically only large data centers.