DSN-2020-004: Dell response to Grub2 vulnerabilities which may allow secure boot bypass
摘要: Dell is aware of a vulnerability in Grand Unified Bootloader (GRUB), named "There is a Hole in the Boot," that may allow for Secure Boot bypass.
本文章適用於
本文章不適用於
本文無關於任何特定產品。
本文未識別所有產品版本。
安全性文章類型
Security KB
CVE 識別碼
CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-15705, CVE-2020-15706, CVE-2020-15707
問題摘要
There is a Grand Unified Bootloader (GRUB (External Link)) vulnerability, known as "BootHole (External Link)," that may allow for Secure Boot bypass.
詳細資料
Dell is aware of a vulnerability in Grand Unified Bootloader (GRUB (External Link)), known as "BootHole (External Link)," that may allow for Secure Boot bypass.
The security of our products is critical to helping ensure our customers' data and systems are protected. See the following Dell Security Advisories for specific remediation details:
Dell Client Platforms
- CPG BIOS: DSA-2020-185
Dell Storage Products
- PowerFlex Rack: DSA-2020-216
- Data Protection Central: DSA-2020-218
- Avamar: DSA-2020-219
- Cloud Tiering Appliance: DSA-2020-228
- VxRail: DSA-2020-235
- Dell SRM: DSA-2020-247
- Cyber Recovery: DSA-2020-265
- DPSearch: DSA-2021-004
- IDPA ACM: DSA-2021-021
Note: Any nonsecurity updates or configuration changes required to support updates released by Operating System providers are communicated through product-specific technical support articles.
建議
Dell Technologies recommends that customers review their Operating System provider’s advisories for more information, including appropriate identification and mitigation measures.
- Canonical https://ubuntu.com/security/notices/USN-4432-1 (External Link)
- Debian https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot (External Link)
- Microsoft Guidance for Addressing Security Feature Bypass in GRUB (External Link)
- Red Hat https://access.redhat.com/security/vulnerabilities/grub2bootloader (External Link)
- SUSE https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/ and https://www.suse.com/support/kb/doc/?id=000019673 (External Link)
See the following technical support articles which provide additional information and context as it relates to Dell products:
- Dell Client Platforms Additional Information Regarding the "BootHole" (GRUB) Vulnerability
- Dell PowerEdge Servers Additional Information Regarding the March 2021 (GRUB) Vulnerability Disclosure
法律免責聲明
受影響的產品
Product Security Information文章屬性
文章編號: 000177589
文章類型: Security KB
上次修改時間: 17 3月 2026
版本: 9
向其他 Dell 使用者尋求您問題的答案
支援服務
檢查您的裝置是否在支援服務的涵蓋範圍內。