Something seriously wrong with shim sbat [Debain 12.6 stable]

[koreanfan]

With enabled secure boot in bios i got error "Something seriously wrong with shim sbat etc" and my pc turned off. If secure boot disabled then system boot normally

[steve-mcintyre]

What OSes have you booted on this machine previously?

[koreanfan]

What OSes have you booted on this machine previously?

I use windows10(own efi partition) and debian stable(own efi partition). I even install debian on another clean partition with different esp partition and got the same effect. Later i switch to win11 with clean install. Also i reinstall grub few times but got the same effect. Is debian shim blacklisted? Or its debian bug? I update bios to the latest and in description to new bios said "- Fixed CVE-2024-36877 security issue". Also i find on internet: https://forums.debian.net/viewtopic.php?t=160159 https://lists.debian.org/debian-boot/2024/07/msg00002.html https://lists.debian.org/debian-efi/2024/07/msg00007.html

[steve-mcintyre]

So you've already found the most likely cause (as I mentioned in that mail to the debian-efi list). I'm about to upload a new version of shim-signed for bookworm which should fix this. That will take a few days to filter through to bookworm-proposed-updates and then into the next point release at the end of the month.

In the meantime, you might need to disable secure boot - sorry :-(

[jsetje]

This comment probably applies here as well: https://github.com/rhboot/shim/issues/682#issuecomment-2302411269