GRUB2 UEFI SecureBoot vulnerability - 'BootHole'

[relic76]

Has LInux MInt made a fix for the BootHole bug that was announced recently? And would a normal home user be in any danger of it?

[DAMIEN1307]

If you are referring to the Grub2 issue mentioned the last 2 days in different tech news pages, there was an update to this already issued pretty much at the same time i had read about it...look in the update history in the update manager to see if you have already installed the grub2 updates...DAMIEN

[relic76]

Thanks. I found a grub2 update on 7/29

[karlchen]

<Addendum>
For those readers, who would like to learn more about the GRUB2 UEFI SecureBoot vulnerability referred to as 'BootHole', here is the link to the relevant Debian article on it: GRUB2 UEFI SecureBoot vulnerability - 'BootHole'
</Addendum>

[cosmiclaser]

Does anyone else had the problem reported here ?

viewtopic.php?p=1857442
"GRUB RESCUE MODE, problem with CALLOC"

RELATED:
https://askubuntu.com/questions/1263125 ... -not-found

Can we do a few stats here plese ? Enter your Mint version, and Success of Fail, thank you.
I have other PCs to update and I keep it on hold....

I start Here:
Mint 19.3 Success (UEFI, no dual boot, update performed at 20:30 NewYork / 00:30 GMT)
Mint 18.3 Fail (Not UEFI, dual boot, update performed at 10:30 NewYork / 14:30 GMT)

[DarrenG]

mint 19.3 cinnamon, no dual boot, not UEFI, update borked my system

[Kadaitcha Man]

Can we do a few stats here plese ? Enter your Mint version, and Success of Fail, thank you.

For what purpose?

[Pjotr]

This update caused some major disruptions here and there, for some people.... I'm so glad that I have frozen Grub on the computers of some digitally handicapped people for whom I am the system administrator.

[karlchen]

Hello, DarrenG.

mint 19.3 cinnamon, no dual boot, not UEFI, update borked my system

Please, open a new thread and explain the "system borked" symptoms in more details. Merely stating the Grub2 update were the culprit is not really sufficient.

I have installed the Grub2 update both on

• Mint 19.3 Cinnamon, dual boot Win10 + LM19.3, UEFI, SecureBoot on
  and
• Mint 19.3 xfce, dual boot Win7 + LM19.3, MBR, hence no SecureBoot

and both machines come up without any issues.

So precise details will be needed in order
+ to determine whether your system has been borked at all
+ to determine what has borked it, assuming it has been borked
+ to help you recover

Addendum:
In case your assumption should be correct that you have been hit by the known issues, which the Grub2 update may cause under specific circumstances, please, go through the Ubuntu article, GRUB2SecureBootBypass, carefully and apply the appropriate steps to recover your system and make it bootable again.
Kudos for mentioning this Ubuntu article go to cosmiclaser 2 posts below.

Best regards,
Karl

[ckonn]

when you are starting your linux-home-pc from the power-button it should be off-line.
after the os is downloaded into the ram you are putting the ethernet-cable in to the ethernet-lan-socket, starting the web-browser and so on.

[cosmiclaser]

There is a Workaround by the Ubuntu team here:
https://wiki.ubuntu.com/SecurityTeam/Kn ... own_issues
The but Workaround must be done BEFORE you reboot.