---

CVE-2020-26541 - log back

CVE-2020-26541 edited at 26 Apr 2021 22:02:28
Notes	+ This codepath is only executed when the kernel configuration option CONFIG_LOAD_UEFI_KEYS is enabled, which is not the case for the kernels provided by Arch Linux.

CVE-2020-26541 edited at 26 Apr 2021 21:55:50
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Certificate verification bypass
Description	+ The Linux kernel does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
References	+ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=56c5812623f95313f6a46fbf0beee7fa17c68bbf

CVE-2020-26541 created at 26 Apr 2021 21:50:48
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes