Linux Kernel UEFI Secure Boot Certificate Import Vulnerability on Apple T2 Macs

Vulnerability

A vulnerability in the Linux kernel affects Apple T2 Macs during the early boot process. When Linux tries to read UEFI Secure Boot variables to load certificates, a page fault occurs in the Apple firmware. This fault disables EFI runtime services, causing several integrity checks to fail. The issue arises from a firmware bug that mishandles the page fault, leading to a crash that interrupts the normal EFI service operations.

Impact

The vulnerability causes a page fault that disrupts EFI runtime services, leading to failed integrity checks and a crash in the firmware.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

2.5

exploitability

4.0

remediation

0.0

relevance

0.0

threat

3.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Linux Kernel UEFI Secure Boot Certificate Import Vulnerability on Apple T2 Macs

Vulnerability

Impact

Affected Products

Linux kernel

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating