DSN-2020-004: Dell response to Grub2 vulnerabilities which may allow secure boot bypass

Summary: Dell is aware of a vulnerability in Grand Unified Bootloader (GRUB), known as “There’s a Hole in the Boot”, that may allow for Secure Boot bypass.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Security Article Type

Security KB

CVE Identifier


CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-15705, CVE-2020-15706, CVE-2020-15707

Issue Summary

There is a Grand Unified Bootloader (GRUB) vulnerability, known as "BootHole", that may allow for Secure Boot bypass.

Details

Dell is aware of a vulnerability in Grand Unified Bootloader (GRUB), known as "BootHole", that may allow for Secure Boot bypass.

The security of our products is critical to helping ensure our customers’ data and systems are protected. See the following Dell Security Advisories for specific remediation details:

Dell Client Platforms


Dell Storage Products

*Note: Any non-security updates or configuration changes required to support updates released by Operating System providers will be communicated through product-specific technical support articles.

Recommendations

Dell recommends that customers review their Operating System provider’s advisories for further information, including appropriate identification and mitigation measures. 

See the following technical support articles which provide additional information and context as it relates to Dell products:  

Legal Disclaimer

Products

Product Security Information
Article Properties
Article Number: 000177589
Article Type: Security KB
Last Modified: 18 Apr 2022
Version:  8
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.