clickbait title. basically, if your machine is already compromised in a severe way, here is another way how to compromise it further (for whatever reason)
The most useful quote to those familiar with the linux boot process:
“An attacker would need to be able to coerce a system into booting from HTTP if it’s not already doing so, and either be in a position to run the HTTP server in question or MITM traffic to it,” Matthew Garrett, a security developer and one of the original shim authors, wrote in an online interview. “An attacker (physically present or who has already compromised root on the system) could use this to subvert secure boot (add a new boot entry to a server they control, compromise shim, execute arbitrary code).”
If an attack needs root then it doesn’t matter. Your box is toast anyway. If you’re using http boot without verification then you should have seen a MITM attack coming.
I don’t know that I’ve actually heard of a Linux vulnerability before, but especially not this bad. It was a good streak and I’m sure it will be patched quickly.
This flaw is not really that bad because it requires the attacker to already have total and complete control over the system already. For example, if they were able to steal the root password.
This flaw just makes it easier for the attacker to hide and harder to evict them.
Add comment