DSN-2020-004: Dell response to Grub2 vulnerabilities which may allow secure boot bypass
Oversigt: Dell is aware of a vulnerability in Grand Unified Bootloader (GRUB), named "There is a Hole in the Boot," that may allow for Secure Boot bypass.
Denne artikel gælder for
Denne artikel gælder ikke for
Denne artikel er ikke knyttet til et bestemt produkt.
Det er ikke alle produktversioner, der er identificeret i denne artikel.
Sikkerhedsartikeltype
Security KB
CVE-id
CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-15705, CVE-2020-15706, CVE-2020-15707
Oversigt over problemet
There is a Grand Unified Bootloader (GRUB (External Link)) vulnerability, known as "BootHole (External Link)," that may allow for Secure Boot bypass.
Oplysninger
Dell is aware of a vulnerability in Grand Unified Bootloader (GRUB (External Link)), known as "BootHole (External Link)," that may allow for Secure Boot bypass.
The security of our products is critical to helping ensure our customers' data and systems are protected. See the following Dell Security Advisories for specific remediation details:
Dell Client Platforms
- CPG BIOS: DSA-2020-185
Dell Storage Products
- PowerFlex Rack: DSA-2020-216
- Data Protection Central: DSA-2020-218
- Avamar: DSA-2020-219
- Cloud Tiering Appliance: DSA-2020-228
- VxRail: DSA-2020-235
- Dell SRM: DSA-2020-247
- Cyber Recovery: DSA-2020-265
- DPSearch: DSA-2021-004
- IDPA ACM: DSA-2021-021
Note: Any nonsecurity updates or configuration changes required to support updates released by Operating System providers are communicated through product-specific technical support articles.
Anbefalinger
Dell Technologies recommends that customers review their Operating System provider’s advisories for more information, including appropriate identification and mitigation measures.
- Canonical https://ubuntu.com/security/notices/USN-4432-1 (External Link)
- Debian https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot (External Link)
- Microsoft Guidance for Addressing Security Feature Bypass in GRUB (External Link)
- Red Hat https://access.redhat.com/security/vulnerabilities/grub2bootloader (External Link)
- SUSE https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/ and https://www.suse.com/support/kb/doc/?id=000019673 (External Link)
See the following technical support articles which provide additional information and context as it relates to Dell products:
- Dell Client Platforms Additional Information Regarding the "BootHole" (GRUB) Vulnerability
- Dell PowerEdge Servers Additional Information Regarding the March 2021 (GRUB) Vulnerability Disclosure
Ansvarsfraskrivelse
Berørte produkter
Product Security InformationArtikelegenskaber
Artikelnummer: 000177589
Artikeltype: Security KB
Senest ændret: 17 mar. 2026
Version: 9
Find svar på dine spørgsmål fra andre Dell-brugere
Supportservices
Kontrollér, om din enhed er dækket af supportservices.