
List:       oss-security
Subject:    Re: [oss-security] Re: lockdown bypass on ubuntu 18.04's 4.15 kernel for loading unsigned modules
From:       Reed Loden <reed () reedloden ! com>
Date:       2020-06-16 0:09:51
Message-ID: CALPTtNU++hGZ4KO85Sz0qjmofe-BTspsh+rJvbMeiWHeVhTNpg () mail ! gmail ! com


Please use https://cveform.mitre.org/ to request a CVE directly from MITRE.
That's your quickest and best way. :-)

~reed

On Mon, Jun 15, 2020 at 4:02 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote:

> Hi Mitre,
>
> People are requesting a CVE to track this and are poking me to poke
> you to assign one.
>
> Jason
>
> On Sun, Jun 14, 2020 at 12:30 AM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> >
> > Hey folks,
> >
> > I noticed that Ubuntu 18.04's 4.15 kernels forgot to protect
> > efivar_ssdt with lockdown, making that a vector for disabling lockdown
> > on an efi secure boot machine. I wrote a little PoC exploit to
> > demonstrate these types of ACPI shenanigans:
> >
> >
> https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language.sh
> >
> > The comment on the top has a description of exploit strategy and such. I
> > haven't yet looked into other kernels and distros that might be
> > affected, though afaict, Canonical's kernel seems to deviate a lot
> > from upstream.
> >
> > Jason
>

