Initramfs debug shell flaw lets attackers with physical access bypass Linux Secure Boot.

Alexander Moch of ERNW demonstrated that an attacker can trigger the initramfs debug shell on modern Linux systems after multiple password failures, modify the unpacked initramfs to insert malicious hooks, and then repack it without breaking Secure Boot’s signed-kernel guarantees. This attack exploits the fact that Secure Boot verifies only the kernel image and modules, leaving the unsigned initramfs vulnerable to tampering and allowing persistent malware injection that survives system reboots. Moch advises adding several kernel parameters, locking down bootloader access, or encrypting the boot partition to prevent dropping into a debug shell.

Read more:

https://cybernews.com/security/hackers-can-bypass-linux-secure-boot/