08-22-2024, 06:19 AM
I never liked the idea of dual-booting so have my Windows and Linux on separate SSDs. They both have independent boot loaders. Presumably this primarily affects laptop users.
I am surprised that someone in the Linux community didn't pick this up before now. They are pretty good at rolling out patches quickly.
Some more info on the vulnerability.
I am surprised that someone in the Linux community didn't pick this up before now. They are pretty good at rolling out patches quickly.
Some more info on the vulnerability.
Quote:CVE-2022-2601: A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism. Link
My mind is open to all possibilities. But one thing is certain: they're hiding something.
.. an upbeat cynic
.. an upbeat cynic
