SSD Advisory – GNU GRUB Command Injection
TL;DR Find out how a vulnerability in GNU GRUB allows users on a Linux system to inject commands into the process of grub-mkconfig which allows them to execute arbitrary commands with elevated privileges. Vulnerability Summary GRUB ships with a script that allows generating /boot/grub/grub.cfg based on the operating systems installed on all the devices attached …
