oss-sec mailing list archives
Re: Secure Boot bypass in EDK2 based Virtual Machine firmware
From: Yves-Alexis Perez <corsac () debian org>
Date: Wed, 14 Feb 2024 16:52:13 +0100
On Wed, Feb 14, 2024 at 03:47:23PM +0000, Mate Kukri wrote:
That is correct in the general case, but here the issue comes from the fact that a copy of the Shell was included in the firmware image itself, and as a built-in application was implicitly trusted.
Ah, thanks for the clarification, I didn't know about the implicit trust on "built-in applications". Out of curiosity, are there other such applications, which could be abused? Regards, -- Yves-Alexis Perez
Current thread:
- Secure Boot bypass in EDK2 based Virtual Machine firmware Mate Kukri (Feb 14)
- Re: Secure Boot bypass in EDK2 based Virtual Machine firmware Yves-Alexis Perez (Feb 14)
- Re: Secure Boot bypass in EDK2 based Virtual Machine firmware Mate Kukri (Feb 14)
- Re: Secure Boot bypass in EDK2 based Virtual Machine firmware Yves-Alexis Perez (Feb 14)
- Re: Secure Boot bypass in EDK2 based Virtual Machine firmware Mate Kukri (Feb 14)
- Re: Secure Boot bypass in EDK2 based Virtual Machine firmware Mate Kukri (Feb 14)
- Re: Secure Boot bypass in EDK2 based Virtual Machine firmware Yves-Alexis Perez (Feb 14)