CVE-2022-1665

A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. These kernel builds don't have the secure boot lockdown patches applied to it and can bypass the secure boot validations, allowing the attacker to load another non-trusted code.

Published: Jun 21, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-1665
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.2
AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
redhat / enterprise_linux	8.0	8.0.x

https://bugzilla.redhat.com/show_bug.cgi?id=2089529

Vulnerability Database

CVE-2022-1665