CVE-2020-15780

Published: Jul 15, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://git.zx2c4.com/american-unsigned-language/tree/american-unsigned-language-2.sh

x_refsource_MISC

https://www.openwall.com/lists/oss-security/2020/06/15/3

x_refsource_MISC

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=75b0cea7bf307f362057cc778efe89af4c615354

x_refsource_MISC

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.7

x_refsource_MISC

[oss-security] 20200720 Re: Re: lockdown bypass on mainline kernel for loading unsigned modules

mailing-list

x_refsource_MLIST

[oss-security] 20200729 multiple secure boot grub2 and linux kernel vulnerabilities

mailing-list

x_refsource_MLIST

[oss-security] 20200730 Re: UEFI SecureBoot bypass fixes rolled out to kernels below radar

mailing-list

x_refsource_MLIST

[oss-security] 20200730 UEFI SecureBoot bypass fixes rolled out to kernels below radar

mailing-list

x_refsource_MLIST

USN-4425-1

vendor-advisory

x_refsource_UBUNTU

USN-4439-1

vendor-advisory

x_refsource_UBUNTU

USN-4426-1

vendor-advisory

x_refsource_UBUNTU

USN-4440-1

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2020:1153

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2020:1236

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-15780

Description

Affected Products

References