Vulnerabilities > CVE-2022-1665 - Unspecified vulnerability in Redhat Enterprise Linux 8.0

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

redhat

NVD

Published: 2022-06-21

Updated: 2022-08-18

Summary

A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. These kernel builds don't have the secure boot lockdown patches applied to it and can bypass the secure boot validations, allowing the attacker to load another non-trusted code.

Vulnerable Configurations

Part	Description	Count
OS	Redhat Redhat Enterprise Linux 8.0	1

References

https://bugzilla.redhat.com/show_bug.cgi?id=2089529