Do Son 
More than two years after the debut of version 2.12, the definitive release of GRUB 2.14 has arrivedβa momentous update to the ubiquitous bootloader utilized across Linux and various other operating systems.
This latest iteration introduces support for the EROFS read-only file system. Furthermore, developers have refined LVM operations by integrating support for LV integrity and cachevol. For EFI platforms, NX (No-eXecute) protection has been implemented alongside various systemic enhancements. The update also incorporates the shim loader protocol, the Argon2 key derivation function, and TPM2 key protection. For PowerPC architectures, support for Secure Boot with appended signatures is now included.
Notable advancements also include the capacity to store GRUB environment blocks within Btrfs headers, support for BLS and UKI, and zstdio decompression. Crucially, the “Year 2038” problem has been resolved, ensuring the bootloader functions accurately beyond the traditional 1901β2038 temporal range. Additionally, an option to lock the command-line interface has been introduced.
The development team has also remediated a plethora of vulnerabilities (CVEs) and bugs identified by the Coverity static analysis tool. Efforts were made to bolster the reliability of TPM drivers and file systems, expand the test suite, and modernize documentation. The libgcrypt library has been upgraded to version 1.11.
The source code is currently available for exfiltration from the GNU server. For Windows environments, binary distributions supporting i386-pc, i386-efi, and x86_64-efi platforms are prepared, accompanied by the projectβs updated documentation.
Related Posts:
- Bypassing GRUB Security: How CVE-2023-4001 Exploits UEFI Systems
- GRUB2 Bootloader Vulnerabilities Expose Millions of Systems to Attacks
- Linux Kernel 6.14 Arrives: New Features and Improvements Unveiled
- Gemini Nano Block: Google Locks On-Device AI Access for Smartphones with Unlocked Bootloaders
- Microsoft Urges TPM 2.0 for Windows 11 Upgrade as Win 10 Support Nears End
Support Our Threat Intelligence
If you find our CVE report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
