关联漏洞
标题:grub2 缓冲区错误漏洞 (CVE-2021-20233)Description:grub2是GNU社区的一款Linux系统引导程序。 grub2 存在缓冲区错误漏洞,该漏洞源于计算错误而导致堆出界写缺陷。以下产品和版本受到影响:grub2 in versions prior to 2.06。
Description
This script will remediate the BootHole bug identified in CVE-2020-25632 and/or CVE-2021-20233.
介绍
# Boot Hole Fix
This script will remediate the BootHole bug identified in CVE-2020-25632 and/or CVE-2021-20233.
On July 29, 2020, Microsoft published security advisory 200011 that describes a new vulnerability that's related to Secure Boot.
Devices that trust the Microsoft third-party Unified Extensible Firmware Interface (UEFI) Certificate Authority (CA) in their Secure Boot configuration may be susceptible to an attacker who has administrative privileges or physical access to the device.
This script is to apply the latest Secure Boot DBX revocation list to invalidate the vulnerable modules.
Paul Rowland - 2022
v1.0 - 19/07/2022
Steps for use:
1) Download the latest BootHoleFix.ps1 file and save it to a location such as "C:\Users\\%UserName%\Desktop".
2) Launch PowerShell as an admin.
3) Navigate to the directory above (typing "cd C:\Users\\%UserName%\Desktop").
4) Type ".\BootHoleFix.ps1" and hit Enter.
5) Close the window when the "Complete, you may now close this window..." message appears in green
文件快照
[4.0K] /data/pocs/9ffde3d4f5b1a345e8a1fdc59bf542dd0d316b51
├── [1.9K] BootHoleFix.ps1
├── [ 34K] LICENSE
└── [1.0K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。