{"id":"CVE-2020-26541","details":"The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.","modified":"2026-04-16T04:33:11.588011181Z","published":"2020-10-02T19:15:13.900Z","related":["ALSA-2021:2570","SUSE-SU-2022:2104-1","SUSE-SU-2022:2111-1","SUSE-SU-2022:2172-1","SUSE-SU-2022:2173-1","SUSE-SU-2022:2177-1","SUSE-SU-2022:2377-1","SUSE-SU-2022:2382-1","SUSE-SU-2022:2393-1","SUSE-SU-2022:2407-1","SUSE-SU-2022:2629-1","SUSE-SU-2022:4561-1","SUSE-SU-2022:4611-1","openSUSE-SU-2022:2173-1","openSUSE-SU-2022:2177-1"],"references":[{"type":"EVIDENCE","url":"https://lkml.org/lkml/2020/9/15/1871"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"5.8.13"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-26541.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H"}]}