CVE-2022-1665: A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it…

CVE-2022-1665 [HIGH] CWE-1291 Power: Signed build of Red Hat Enterprise Linux for IBM Power can boot pre-production kernels Power: Signed build of Red Hat Enterprise Linux for IBM Power can boot pre-production kernels A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. These kernel builds don't have the secure boot lockdown patches applied to it and can bypass the secure boot validations, allowing the attacker to load another non-trusted code. A flaw was found in the Linux kernel, where a set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture were signed with Red Hat's production secure boot keys. This issue allows kernel versions targeted for testing to eventually boot in PowerPC environments with the Secure Boot feature enabled. An attacker needs high privi

CVE-2022-1665 [HIGH] GHSA-23qr-p57h-8gx4: A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even thou A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. These kernel builds don't have the secure boot lockdown patches applied to it and can bypass the secure boot validations, allowing the attacker to load another non-trusted code.

CVE-2022-1665 [HIGH] CVE-2022-1665 Power: Signed build of Red Hat Enterprise Linux for IBM Power can boot pre-production kernels CVE-2022-1665 Power: Signed build of Red Hat Enterprise Linux for IBM Power can boot pre-production kernels A set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture can be booted by the grub in Secure Boot mode even though it shouldn't. These kernel builds don't have the secure boot lockdown patches applied to it and can bypass the secure boot validations, allowing the attacker to load another non-trusted code. Discussion: A flaw was found in the Linux kernel, where a set of pre-production kernel packages of Red Hat Enterprise Linux for IBM Power architecture were signed with Red Hat's production secure boot keys. This issue allows kernel versions targeted for testing to eventually boot in PowerPC environments with the Secure Boot feature enabled. A