BootHole and Seven Other Vulnerabilities Patched in GRUB2, Update Your Distros Now

Developers from several popular GNU/Linux distributions coordinated the release of updates for the GRUB2 bootloader, which is used in almost all distros to allow users to patch their systems against no less than eight security vulnerabilities, the most serious of them all being dubbed as BootHole (CVE-2020-10713) and discovered by Jesse Michael and Mickey Shkatov from Eclypsium. Canonical reports today that they’ve been aware of the BootHole vulnerability since April 2020, and they worked with many developers from other well known Linux distributions, such as Debian, as well as developers from Microsoft to mitigate the security issue and release updates for users.