CVE-2022-28735 - log back

CVE-2022-28735 edited at 08 Jun 2022 10:21:52
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Local
Type
- Unknown
+ Insufficient validation
Description
+ The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain.
References
Notes
CVE-2022-28735 created at 08 Jun 2022 10:10:47