Secure Boot bypass risk in Framework Linux laptops
🔒 Eclypsium discovered that Framework shipped signed UEFI shells containing a dangerous mm (memory modify) command that can directly read and write system RAM and be leveraged to disable Secure Boot. By overwriting the gSecurity2 security handler pointer to NULL or redirecting it to a stub that always returns success, the mm command stops signature verification and can permit bootkits to load. Framework estimates roughly 200,000 affected units; users should apply available firmware and DBX updates, restrict physical access, or temporarily remove Framework's DB key in BIOS until patches are applied.
