Linux developers are patching a high-severity vulnerability that, in some cases, allows the installation of malware that runs at the firmware level, giving an attacker access to the deepest parts of an infected device, where it is difficult to detect or remove. Ars Technica: The vulnerability exists in shim. A shim, in the Linux context, is a small component that runs in the firmware early in the boot process, before the operating system has started. Specifically, the shims that ship with virtually all Linux distributions play a key role in Secure Boot, a protection built into modern computing devices to ensure that every link in the boot chain comes from a verified, trusted supplier. Successful exploitation of this vulnerability allows an attacker to neutralize that mechanism by executing malicious firmware at the earliest stages of the boot process, before the Unified Extensible Firmware Interface (UEFI) firmware has loaded and handed control to the operating system.
The vulnerability, tracked as CVE-2023-40547, is a buffer overflow, a class of coding bug that allows attackers to execute arbitrary code. It resides in the part of shim that handles booting from a central server on the network over HTTP, the same protocol the web is built on. Attackers can exploit code-execution vulnerabilities in a variety of scenarios, and virtually all of them require some form of successful compromise of either the targeted device or the server or network the device boots from. "An attacker would need to be able to coerce a system into booting from HTTP if it is not already doing so, and either be in a position to run the HTTP server in question or to MITM traffic to it," said Matthew Garrett, a security developer and one of the original shim authors, in an online interview. "An attacker (either physically present or who has already compromised root on the system) could use this to subvert Secure Boot (by adding a new boot entry pointing to a server they control, compromising shim, and executing arbitrary code)."