Red Hat’s patch for BootHole GRUB2 CVE-2020-10713 causes Red Hat Linux systems to hang and enter a reboot loop
We previously reported on the huge BootHole vulnerability, CVE-2020-10713, which affects all operating systems using GRUB2 or Secure Boot. Linux, Microsoft’s Windows and BSD are all vulnerable to BootHole.
After Eclypsium discovered the vulnerability, the Red Hat dev team rushed out a set of patches to fix the GRUB2 flaw in Red Hat Linux versions. However, users who installed the Red Hat patch have found that it causes their systems to hang and renders them unbootable. After many complaints, Red Hat has alerted its customers not to install the package updates until the issue is resolved.
While all Red Hat Linux systems seem to hang after applying the GRUB2 BootHole patch, users of Red Hat Enterprise Linux (RHEL) 8.2 are most affected: the patch renders RHEL 8.2 systems unbootable. RHEL virtual machines (VMs), which don’t deal with Secure Boot firmware, are not affected by the patch’s side effects. Red Hat Enterprise Linux 7.8 and 8.2 are confirmed to be affected, but versions 7.9 and 8.1 EUS could also be impacted.
Red Hat has now updated its initial advisory, telling customers that it strongly recommends against applying the grub2, fwupd, fwupdate or shim updates until the issue is fixed and new patches are released. If you have already installed the Red Hat patches and are facing the above issues, you should follow these instructions to uninstall the patch and restore your system.
Red Hat says that it has identified the cause of the problem and is working on a fix.