2021-07-30
GRUB2 Bootloader Vulnerability Affects Millions of Devices
A vulnerability in the GRUB2 (Grand Unified Bootloader version 2) bootloader could be exploited to run malicious firmware during startup. The issue affects most Linux devices and Windows devices that use Secure Boot. Researchers at Eclypsium discovered the issue and, prior to public disclosure, notified affected parties "including OS vendors, computer manufacturers, and CERTs." Linux distributions have begun making fixes available, although not without hiccups: Red Hat's fix for the BootHole vulnerability is reportedly causing problems for some users: once the patch is installed, their systems will not boot.
Editor's Note
This is an important vulnerability. Important, but not critical. Wait for your Linux distribution to address this. To exploit this issue, an attacker has to have root access on the system. It could provide a method for an attacker to retain more persistent access to a system. One more reason to "wipe and rebuild" vs. "clean" malware from affected systems. (And don't forget to wipe/reinstall grub as well.)

Johannes Ullrich
The Grub2 bootloader is used with more than just Linux distributions, which may be somewhat unexpected to learn, and the exploit can be used to write code into the UEFI firmware which may then require factory reset to recover. Make sure you know how to do that reset. Due to side-effects of the patch, test on representative devices before wide deployment.

Lee Neely
Read more in:
ZDNet: Red Hat Enterprise Linux runs into Boothole patch trouble
Ars Technica: New flaw neuters Secure Boot, but there's no reason to panic. Here's why
ZDNet: Linux distros fix new Boothole bug
Dark Reading: 'BootHole' Vulnerability Exposes Secure Boot Devices to Attack
SC Magazine: 'Boothole' threatens billions of Linux, Windows devices
Threatpost: Billions of Devices Impacted by Secure Boot Bypass
Bleeping Computer: BootHole GRUB bootloader bug lets hackers hide malware in Linux, Windows
Cyberscoop: New bug in PC booting process could take years to fix, researchers say
Duo: FLAW IN GRUB 2 BOOT LOADER THREATENS MANY LINUX SYSTEMS