[Bug 2040137] Re: exposing the EFI shell in Secure Boot mode can lead to security bypass

Nishit Majithia 2040137 at bugs.launchpad.net
Tue Jun 3 10:59:11 UTC 2025


** Changed in: lxd (Ubuntu Focal)
       Status: New => Won't Fix

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to edk2 in Ubuntu.
https://bugs.launchpad.net/bugs/2040137

Title:
  exposing the EFI shell in Secure Boot mode can lead to security bypass

Status in edk2 package in Ubuntu:
  Fix Released
Status in lxd package in Ubuntu:
  New
Status in edk2 source package in Focal:
  Fix Released
Status in lxd source package in Focal:
  Won't Fix
Status in edk2 source package in Jammy:
  Fix Released
Status in lxd source package in Jammy:
  New
Status in edk2 source package in Mantic:
  Fix Released
Status in lxd source package in Mantic:
  Won't Fix
Status in edk2 source package in Noble:
  Fix Released
Status in lxd source package in Noble:
  New

Bug description:
  The EFI shell is available as a built-in Boot Option in Ubuntu's OVMF
  builds, even when Secure Boot is enabled.

  This application has known mechanisms for bypassing UEFI Secure Boot,
  and has already been barred from signing previously.

  It should either not be built into Secure Boot capable OVMF builds,
  or be disabled when Secure Boot is enabled in any capacity.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137/+subscriptions



