[UCI-Linux] Linux Grub2 Authentication 0-Day

Mike Iglesias iglesias at uci.edu
Wed Dec 16 13:40:01 PST 2015

Current versions of the Linux Grub2 bootloader contain a vulnerability that
could allow an attacker who has physical access to a system protected with a
Grub username/password to bypass the protection and gain access to the system.
 The vulnerability has been patched so if you have systems protected with a
Grub username/password, you'll want to apply the update as soon as possible.

Here are the details of the vulnerability:


Mike Iglesias                          Email:       iglesias at uci.edu
University of California, Irvine       phone:       949-824-6926
Office of Information Technology       FAX:         949-824-2270

More information about the UCI-Linux mailing list