How to bypass secure boot

BlackLotus represents a major milestone in the continuing evolution of UEFI bootkits.

The Ars Technica article mentions “CVE-2022-21894” – which is a Redmond (Microsoft) only issue …

On the other hand, once it inserted itself into UEFI – in the case of the Linux Kernel, by overwriting the trivial EFI shim bootloader plus by manipulating the machine owner keys – it’s difficult to see what else it could do – the Linux Kernel, AFAICS, remains untouched …

  • An interesting issue for Dual-Boot machines – Redmond infects the UEFI – the UEFI then attempts to disrupt the Linux bootloader (the trivial EFI bootloader named “shim”) …

BTW:

BlackLotus is written in the assembly and C programming languages

Meaning, it attacks via the CPU instruction set – which begs the question –

  • Only the Intel/AMD instruction set, or can it also deal with other CPU instruction sets?