2024-04-05 19:40:02
canonical
PUBLISHED
GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntus peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.