Sometimes the cure is really worse than the disease. The recently revealed Boothole security issue with GRUB2 and Secure Boot can theoretically be used to attack Linux systems. In practice, the only vulnerable Linux systems are those that an attacker has already successfully breached. However, there was the potential for damage, so almost every Linux distributor in the company has released patches. Unfortunately, at least one (Red Hat) solution did not work properly.
Many users complain that after patching Red Hat Enterprise Linux (RHEL) 8.2, it has made their systems unable to boot. It also appears that the problem affects RHEL 7.x and 8.x computers. It seems, however, to be limited to servers running on bare iron. RHEL virtual machines (VMs), which do not deal with Secure Boot firmware, work well.
RHEL is not the only Linux with this problem: CentOS 7.x and 8.x users also have problems. There have been sporadic reports of Boothole boot problems with other Linux distros.
A repair is underway. Peter Allor, director of the Red Hat product security incident response team, told me:
“Red Hat has been notified of a potential problem with fixing CVE-2020-10713, also known as Bootjole, so some Red Hat Enterprise Linux 7 and Red Hat Enterprise Linux 8 systems cannot reboot with success after remediation is applied, We are currently investigating this issue and will provide more information when it becomes available. “
Other Red Hat employees say the repair will be done soon. So if you haven’t hit yet, keep it out. If you have problems and have problems, help is underway.