Security News > 2020 > July > Red Hat's BootHole Patches Cause Systems to Hang
Red Hat has told customers not to install the package updates released in response to the recently disclosed BootHole vulnerability after users reported that their systems hung after applying the updates.
The flaw, officially identified as CVE-2020-10713, impacts systems that use Secure Boot, and fully patching it involves replacing vulnerable bootloaders and updating the Secure Boot revocation list to ensure that the old bootloaders can no longer be executed.
Shortly after the packages were released, users started reporting that their systems failed to boot after applying the updates.
Red Hat has now updated its initial advisory, telling customers that it strongly recommends against applying the grub2, fwupd, fwupdate or shim updates until new packages are available.
Red Hat has released instructions for how users who have already installed the buggy updates can restore their system.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-30 | CVE-2020-10713 | Classic Buffer Overflow vulnerability in multiple products A flaw was found in grub2, prior to version 2.06. | 8.2 |