CVE-2020-14372 log

Severity Medium
Remote No
Type Arbitrary code execution
GRUB2 enables the use of the command acpi even when secure boot is signaled by the firmware. An attacker with local root privileges can drop a small SSDT in /boot/efi and modify grub.cfg to instruct grub to load said SSDT. The SSDT then gets run by the kernel and it overwrites the kernel lockdown configuration enabling the attacker to load unsigned kernel modules and kexec unsigned code.
Group Package Affected Fixed Severity Status Ticket
AVG-1629 grub 2:2.04-10 2:2.06-1 Medium Fixed
Date Advisory Group Package Severity Type
15 Jun 2021 ASA-202106-43 AVG-1629 grub Medium multiple issues