Linux Boot Flaw Allows Bypass of Secure Boot and Full Disk Encryption

An article by Alexander Moch at ERNW describes a vulnerability in the Linux boot process that allows attackers to inject code from the debug shell of the initramfs. Even with Secure Boot and encryption enabled, a few keystrokes can grant access to a shell and allow the addition of persistent malware. The solution is simple and involves kernel parameters.