SoylentNews is people
SoylentNews
from the do-you-have-update-for-my-boothole? dept.
Red Hat and CentOS systems aren’t booting due to BootHole patches:
Early this morning, an urgent bug showed up at Red Hat's bugzilla bug tracker—a user discovered that the RHSA_2020:3216 grub2 security update and RHSA-2020:3218 kernel security update rendered an RHEL 8.2 system unbootable.
[...] The patches were intended to close a newly discovered vulnerability in the GRUB2 boot manager called BootHole.
[...] Unfortunately, Red Hat's patch to GRUB2 and the kernel, once applied, are leaving patched systems unbootable. The issue is confirmed to affect RHEL 7.8 and RHEL 8.2, and it may affect RHEL 8.1 and 7.9 as well. RHEL-derivative distribution CentOS is also affected.
Red Hat is currently advising users not to apply the GRUB2 security patches (RHSA-2020:3216 or RHSA-2020:3217) until these issues have been resolved.
Ubuntu and Debian are also apparently affected.
(Score: 0) by Anonymous Coward on Saturday August 01 2020, @09:27AM
Syslinux is a great example of doing one thing and doing it well. The problem with it is that it is limited to loading from the same partition or chain loading boot records. The usual solution is to put it on the ESP like most UEFI loaders, stubs, etc. these days. Personally, I like other alternatives but you won't see me insulting that one.
Fun fact: if your setup isn't too crazy, Linux can boot itself now.