CVE-2020-26541 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Certificate verification bypass
Description	The Linux kernel does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1878	linux	5.12.arch1-1		Medium	Not affected

References
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=56c5812623f95313f6a46fbf0beee7fa17c68bbf

Notes
This codepath is only executed when the kernel configuration option CONFIG_LOAD_UEFI_KEYS is enabled, which is not the case for the kernels provided by Arch Linux.