Operational Defect Database
BugZero found this defect 61 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
Hewlett Packard Enterprise | a00104744en_us
Advisory: (Revision) GRUB2 (aka BootHole) Vulnerability - Linux Vendor Patches for UEFI Secure Boot Evasion Vulnerability (CVE-2020-10713) May Cause System to Be Unable to Boot
Last update date:
3/20/2024
Affected products:
HPE Apollo 4200 Gen10 Server
HPE Apollo 4200 Gen9 Server
HPE Solutions with Cohesity
HPE Apollo 2000 Gen10 Plus System
HPE Cloudline CL2100 Gen10 Server
HPE Cloudline CL2200 Gen10 Server
HPE Cloudline CL2600 Gen10 Server
HPE Cloudline CL2800 Gen10 Server
HPE Cloudline CL3100 Gen10 Server
HPE Cloudline CL3100 Gen9 Server
HPE Cloudline CL3150 Gen10 Server
HPE Cloudline CL4100 Gen10 Server
Affected releases:
No affected releases provided.
Fixed releases:
No fixed releases provided.
Description:
Info
Document Version Release Date Details 3 March 20, 2024 Added RHEL7.7 and RHEL7.9 to the affected operating systems under Scope. 2 September 02, 2020 Updated Hardware Platforms Affected list. 1 August 13, 2020 Original Document Release. Red Hat Enterprise Linux (RHEL) and CentOS have reported that patches for the GRUB2 bootloader vulnerability (aka BootHole CVE-2020-10713) may result in the system being unable to boot. Note: The BootHole vulnerability is not particular to HPE, but an industry wide issue. For further information on this vulnerability refer to the following Security Bulletin and Customer Notice .
Scope
Any HPE server running a supported Linux OS that has encountered a "no boot" condition after installing the Linux vendor's patches for BootHole. The following operating systems have been confirmed to be affected by this issue: Red Hat Enterprise Linux (RHEL) 7.7 Red Hat Enterprise Linux (RHEL) 7.8 Red Hat Enterprise Linux (RHEL) 7.9 Red Hat Enterprise Linux (RHEL) 8.2 CentOS 8.2
Resolution
The following Linux vendors with Linux distributions supported on HPE servers have documented the resolutions, including the methods to recover, from a "no boot" condition after applying the Linux patches for the GRUB2/BootHole vulnerability: Red Hat: The GRUB2/BootHole issue is documented in the security vulnerability Boot Hole Vulnerability - GRUB 2 boot loader - CVE-2020-10713 The resolution and recovery information for a "no boot" condition is available in the knowledgebase document System hangs after POST and the grub menu never loads after applying the RHSA-2020:3216 or RHSA-2020:3217 Disclaimer: One or more of the links above will take you outside the HPE website. HPE is not responsible for content outside of its domain. RECEIVE PROACTIVE UPDATES : Receive support alerts (such as Customer Advisories), as well as updates on drivers, software, firmware, and customer replaceable components, proactively in your e-mail through HPE Support Alerts. Sign up for Support Alerts at the following URL: HPE Email Preference Center. NAVIGATION TIP: For hints on navigating HPE.com to locate the latest drivers, patches and other support software downloads, refer to the Navigation Tips document. SEARCH TIP: For hints on locating similar documents on HPE.com, refer to the Search Tips document.
