CVE-2020-27779 log

Source
Severity Medium
Remote No
Type Access restriction bypass
Description
The GRUB2's cutmem command does not honor Secure Boot locking. This allows an privileged attacker to remove address ranges from memory creating an opportunity to circumvent Secure Boot protections after proper triage of grub's memory layout.
Group Package Affected Fixed Severity Status Ticket
AVG-1629 grub 2:2.04-10 2:2.06rc1-1 Medium Testing
References
https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html
https://git.savannah.gnu.org/gitweb/?p=grub.git;a=commit;h=d298b41f90cbf1f2e5a10e29daa1fc92ddee52c9