What is it exactly?
GRUB2 is a bootloader widely used on x86 platforms. One of its most important features from a security perspective is its support for Secure Boot, which ensures that the software loaded during system start-up is trusted. The BootHole exploit uses a vulnerability in GRUB2 to break that chain of trust and install malicious code on the compromised system.
It is important to note that the exploit requires write access to the grub.cfg file, which normally requires root permissions.
Is my product vulnerable?
All current GRUB2 releases up to and including 2.04 are vulnerable. Patches are being applied by most Linux distribution vendors, as well as to the GRUB2 upstream repository.
What is the mitigation?
Install the most recent grub2 package update if you are using a Linux distribution.
A Hardenite audit will identify the vulnerability and provide actionable mitigation recommendations.
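An added example, not part of the original page or of Hardenite's tooling: a POSIX shell check that applies the two facts stated above, the 2.04 version threshold and the grub.cfg write-access precondition. It assumes grub-install is on PATH and that grub.cfg lives in one of the common /boot locations listed in the script. Distribution packages backport the fix without raising the upstream version number, so a "2.04 or older" result is a prompt to check the package changelog, not proof of exposure.

```shell
#!/bin/sh
# Added example (not from the original page). Heuristic BootHole checks:
# GRUB2 <= 2.04 is affected, and exploitation needs write access to grub.cfg.

# Return 0 when VERSION ("2.04", "2.02~beta3", or a full
# "grub-install (GRUB) 2.04" line) is 2.04 or older, 1 if newer, 2 if unparseable.
grub_version_vulnerable() {
    ver=$(printf '%s' "$1" | sed 's/^[^0-9]*//; s/[^0-9.].*$//')
    major=${ver%%.*}
    rest=${ver#*.}
    [ -n "$major" ] || return 2
    [ "$rest" = "$ver" ] && rest=0                  # no dot: minor is 0
    minor=${rest%%.*}
    minor=$(printf '%s' "$minor" | sed 's/^0*//')   # "04" -> "4", avoids octal
    minor=${minor:-0}
    if [ "$major" -lt 2 ]; then return 0; fi
    if [ "$major" -eq 2 ] && [ "$minor" -le 4 ]; then return 0; fi
    return 1
}

# Return 0 when FILE is writable by its group or by others. The attack needs
# write access to grub.cfg, normally root-only; looser bits widen that to
# unprivileged users. Returns 2 when FILE does not exist.
grub_cfg_loosely_writable() {
    [ -e "$1" ] || return 2
    mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1")   # GNU, then BSD
    while [ ${#mode} -lt 3 ]; do mode=0$mode; done
    perms=${mode#"${mode%???}"}      # last three octal digits: u g o
    g=${perms%?}; g=${g#?}           # middle digit: group
    o=${perms#??}                    # last digit: others
    if [ $(( g & 2 )) -ne 0 ] || [ $(( o & 2 )) -ne 0 ]; then return 0; fi
    return 1
}

# Report on the running system (assumed paths are the common grub.cfg locations).
report_system() {
    v=$(grub-install --version 2>/dev/null) || { echo "grub-install not found"; return 2; }
    if grub_version_vulnerable "$v"; then echo "$v: 2.04 or older, check package changelog for the BootHole fix"
    else echo "$v: newer than 2.04"; fi
    for f in /boot/grub/grub.cfg /boot/grub2/grub.cfg /boot/efi/EFI/*/grub.cfg; do
        [ -e "$f" ] || continue
        if grub_cfg_loosely_writable "$f"; then echo "$f: writable by group/others"
        else echo "$f: write restricted to owner"; fi
    done
}

report_system
```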