Bypassing Secure Boot Restrictions in Linux Kernel with ACPI Table Injection

Bypassing Secure Boot Restrictions in Linux Kernel with ACPI Table Injection

CVE-2016-3699 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

The Linux kernel, as used in Red Hat Enterprise Linux 7.2 and Red Hat Enterprise MRG 2 and when booted with UEFI Secure Boot enabled, allows local users to bypass intended Secure Boot restrictions and execute untrusted code by appending ACPI tables to the initrd.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.