Arch Linux: Arbitrary code execution (CVE-2020-14372)
| Severity | CVSS v2 vector | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:L/AC:H/Au:N/C:C/I:C/A:C) | Mar 3, 2021 | Jul 11, 2025 | Nov 27, 2025 |
Description
GRUB2 allows the `acpi` command to be used even when the firmware signals that Secure Boot is enabled. An attacker who already has local root privileges can drop a small SSDT (an ACPI table) in /boot/efi and edit grub.cfg so that GRUB loads it. The kernel then executes the SSDT, which overwrites the kernel lockdown configuration, letting the attacker load unsigned kernel modules and kexec unsigned code. Because root is required up front, the impact is a Secure Boot and lockdown bypass (persistence below the OS with an intact signature chain) rather than a privilege escalation, which is why the vector is local with high access complexity but complete confidentiality, integrity and availability impact.
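A practitioner reading this wants a way to spot the precondition and the payoff on a host: an `acpi` command in grub.cfg (the table it loads would be the dropped SSDT) together with the Secure Boot and kernel lockdown state. The check below is an added example written for this page; it is not Rapid7's, Arch Linux's or the GRUB project's code. It parses a grub.cfg for `acpi` in command position, reads the active mode out of the /sys/kernel/security/lockdown format and the value byte out of an efivarfs SecureBoot variable, and combines them into findings. The grub.cfg text, the lockdown string, the EFI variable bytes and the table path `/EFI/arch/ssdt-tampered.aml` are constructed samples, not data from any real incident.

```python
"""Host hygiene check for CVE-2020-14372 (added example, not the advisory's code).

Looks for `acpi` commands in a grub.cfg, parses the kernel lockdown state and
the Secure Boot EFI variable, and combines them into findings. The grub.cfg,
lockdown string and EFI variable bytes below are constructed samples; on a
real host feed it the contents of /boot/grub/grub.cfg (or the copy under
/boot/efi), /sys/kernel/security/lockdown and
/sys/firmware/efi/efivars/SecureBoot-<guid> instead.
"""
import re
import shlex
from typing import Dict, List, Optional, Tuple

# Constructed sample: a normal entry plus one that loads an SSDT dropped
# under /boot/efi, the pattern the advisory describes.
SAMPLE_GRUB_CFG = """\
# constructed sample grub.cfg
set timeout=5
menuentry 'Arch Linux' {
    linux /vmlinuz-linux root=/dev/sda2 rw
    initrd /initramfs-linux.img
}
menuentry 'Arch Linux (tampered)' {
    acpi /EFI/arch/ssdt-tampered.aml   # SSDT dropped under /boot/efi
    linux /vmlinuz-linux root=/dev/sda2 rw
    initrd /initramfs-linux.img
}
"""
SAMPLE_LOCKDOWN = "none [integrity] confidentiality\n"   # constructed sysfs content
# Constructed efivarfs content: 4 bytes of attributes, then the 1-byte value.
SAMPLE_SECUREBOOT_VAR = b"\x06\x00\x00\x00\x01"


def find_acpi_commands(cfg_text: str) -> List[Tuple[int, List[str]]]:
    """Return (line number, arguments) for every statement whose command is `acpi`.
    Comments are stripped and ';'-chained statements are split so the command
    is only recognised in command position ("acpi=off" on a kernel command
    line is not a hit)."""
    hits: List[Tuple[int, List[str]]] = []
    for lineno, raw in enumerate(cfg_text.splitlines(), start=1):
        code = raw.split("#", 1)[0].strip()
        if not code:
            continue
        for stmt in code.split(";"):
            try:
                words = shlex.split(stmt)
            except ValueError:          # unbalanced quotes: fall back to whitespace split
                words = stmt.split()
            if words and words[0] == "acpi":
                hits.append((lineno, words[1:]))
    return hits


_ACTIVE_MODE = re.compile(r"\[(\w+)\]")

def lockdown_mode(sysfs_text: str) -> Optional[str]:
    """Parse /sys/kernel/security/lockdown ('none [integrity] confidentiality'):
    the bracketed word is the active mode. None means the file was empty or
    absent, i.e. no lockdown LSM."""
    m = _ACTIVE_MODE.search(sysfs_text)
    return m.group(1) if m else None


def secure_boot_enabled(efivar_bytes: bytes) -> bool:
    """efivarfs prefixes each variable with a 4-byte attribute word; the
    SecureBoot variable's data is a single byte, 1 when enforcing."""
    return len(efivar_bytes) >= 5 and efivar_bytes[4] == 1


def assess(cfg_text: str, lockdown_text: str, efivar_bytes: bytes) -> Dict[str, object]:
    """Combine the three observations into findings a responder can act on."""
    hits = find_acpi_commands(cfg_text)
    # Anything not starting with '-' is a table path rather than an option flag.
    tables = [a for _, args in hits for a in args if not a.startswith("-")]
    mode = lockdown_mode(lockdown_text)
    sb = secure_boot_enabled(efivar_bytes)
    findings: List[str] = []
    if hits:
        findings.append("grub.cfg loads ACPI tables with `acpi` at line(s) "
                        f"{[n for n, _ in hits]}: {tables}")
    if hits and sb:
        findings.append("Secure Boot is on yet grub.cfg still invokes `acpi`; an "
                        "unpatched GRUB (CVE-2020-14372) would load the table")
    if mode in (None, "none"):
        findings.append("kernel lockdown inactive: unsigned modules and kexec allowed")
    return {"acpi_lines": hits, "tables": tables, "lockdown": mode,
            "secure_boot": sb, "findings": findings}


if __name__ == "__main__":
    for line in assess(SAMPLE_GRUB_CFG, SAMPLE_LOCKDOWN, SAMPLE_SECUREBOOT_VAR)["findings"]:
        print("FINDING:", line)
```

Run against the constructed sample it reports the tampered entry twice (once for the bare `acpi` use, once because Secure Boot is enforcing) and stays quiet about lockdown, since the sample kernel is in integrity mode. Treat any `acpi` line in a Secure Boot host's grub.cfg as an indicator worth pulling the referenced table for, and treat "lockdown inactive" as a separate gap: once the SSDT has run, the lockdown file itself is what the attacker has rewritten, so confirm the state from a trusted boot rather than from the live host alone.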
Solution
Upgrade GRUB to the latest Arch Linux package (arch-linux-upgrade-latest); see ASA-202106-43 in the references.
References
- CVE-2020-14372
- https://attackerkb.com/topics/CVE-2020-14372
- https://access.redhat.com/security/vulnerabilities/RHSB-2021-003
- https://bugzilla.redhat.com/show_bug.cgi?id=1873150
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWZ36QK4IKU6MWDWNOOWKPH3WXZBHT2R/
- https://security.archlinux.org/ASA-202106-43
- https://security.gentoo.org/glsa/202104-05
- https://security.netapp.com/advisory/ntap-20210416-0004/
- CWE-184 (Incomplete List of Disallowed Inputs)