Nostr Web Client

In other critical vulnerability news, the Linux bootloader had an out of bounds write (attacker controlled length and data) in the HTTP boot code. Vuln has been there a decade. https://github.com/rhboot/shim/commit/0226b56513b2b8bd5fd281bce77c40c9bf07c66d

#infosec #cyber #security #cybersec #CyberSecutity #vuln #vulnerability #SecureBoot

Please Login to reply.

Why is the Linux kernel doing anything with HTTP?

I thought the *exact* *same* *thing* when I saw that code. I guess that's what people are doing these days instead of pxe boot?

It looks like that probably got started with UEFI, which makes sense since this all seems to be related to secure boot.

Heads up geeks.