© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
a60fb26
(Get the code!)
No, in theory this is any root access to Secure Boot bypass with no user interaction, using a process like:
- Use efibootmgr as root to set the first boot option to "EFI Shell"
- Put startup.nsh with malicious code at the root of the ESP
- Startup.nsh starts OS patched with malware
I have written no PoC tho, so it is only a theoretical attack, but I think it is definitely possible.