Igel · Igel Os · CVE-2025-47827
**Name of the Vulnerable Software and Affected Versions**
IGEL OS versions prior to 11
**Description**
IGEL OS versions prior to 11 contain a flaw in the `igel-flash-driver` module that improperly verifies cryptographic signatures during the Secure Boot process. This allows a crafted root filesystem to be mounted from an unverified SquashFS image, potentially enabling the loading of untrusted kernels and rootkits. The issue stems from a bypass of Secure Boot protections, potentially exploitable with minimal physical access. Multiple reports indicate the availability of a proof-of-concept (PoC) exploit. The vulnerability affects Linux systems relying on Microsoft’s 3rd Party UEFI CA certificate.
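As an added illustration (not IGEL's code and not a description of how `igel-flash-driver` actually behaves), the fail-closed gate such a driver needs: the SquashFS image becomes the root filesystem only if a signature over the entire image verifies under a trusted key, and any other outcome refuses the mount. Ed25519, the generated key pair and the image bytes are constructed assumptions standing in for the vendor's real signing scheme; the `hsqs` check is the standard SquashFS superblock magic.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Every SquashFS image starts with the little-endian superblock magic "hsqs".
var squashfsMagic = []byte("hsqs")

var (
	ErrNotSquashFS  = errors.New("image is not a SquashFS superblock")
	ErrBadSignature = errors.New("root filesystem signature verification failed")
)

// verifyRootFS returns nil only when img looks like a SquashFS image and sig is a
// valid Ed25519 signature over the whole image under trustedKey. Any short, missing
// or mismatching signature is a hard failure; there is no "verify later" path.
func verifyRootFS(trustedKey ed25519.PublicKey, img, sig []byte) error {
	if len(img) < len(squashfsMagic) || !bytes.Equal(img[:len(squashfsMagic)], squashfsMagic) {
		return ErrNotSquashFS
	}
	if len(sig) != ed25519.SignatureSize || !ed25519.Verify(trustedKey, img, sig) {
		return ErrBadSignature
	}
	return nil
}

// mountRootFS models the driver's mount step. It is only reachable through
// verifyRootFS, so an unverified image can never be handed to the kernel as root.
func mountRootFS(trustedKey ed25519.PublicKey, img, sig []byte) (bool, error) {
	if err := verifyRootFS(trustedKey, img, sig); err != nil {
		return false, err // refuse to mount; boot should halt here
	}
	return true, nil // a real driver would perform the mount at this point
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // stands in for the vendor key
	img := append([]byte("hsqs"), []byte("constructed squashfs payload")...)
	sig := ed25519.Sign(priv, img)
	fmt.Println(mountRootFS(pub, img, sig)) // true <nil>

	tampered := append([]byte{}, img...)
	tampered[len(tampered)-1] ^= 0xff // one flipped byte, original signature kept
	fmt.Println(mountRootFS(pub, tampered, sig)) // false, ErrBadSignature
}
```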
**Recommendations**
Update IGEL OS to version 11 or later.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.