Sometimes the treatment is really worse than the disease. The recently discovered Boothole security issue with GRUB2 and Secure Boot could theoretically be used to attack Linux systems. In fact, the only vulnerable Linux systems are those that have already been successfully compromised by an attacker. However, the potential for damage has been, so almost all corporate Linux distributors have released patches. Unfortunately, for at least one – Red Hat – the amendment went wrong.
Many users report that after patching Red Hat Enterprise Linux (RHEL) 8.2, it has made their systems not boot. The problem also seems to affect RHEL 7.x and 8.x computers. However, it seems to be limited to barefoot servers. RHEL (VM) virtual machines that do not handle Secure Boot firmware work well.
RHEL is not the only Linux with this problem: CentOS 7.x and 8.x users also report problems. There have also been sporadic reports of boothole boot problems with other Linux distributors.
Repairs are on the way. Peter Alor, director of the Red Hat Product Security Incident Response Team, told me:
“Red Hat is aware of a potential issue with the CVE-2020-10713 fix, also known as Bootjole, where some Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8 may not restart successfully after a manual intervention is applied. for adjustment. We are currently investigating this issue and will provide more information when it becomes available. “
Other Red Hat officials say amendment to the amendment will be on the way soon. So, if you haven’t patched up yet, hold on. If you have and have problems, help is on the way.