Just about every Windows and Linux device vulnerable to new LogoFAIL firmware attack (ars technica) [LWN.net]
My knowledge of EFI boot is limited to basic Linux installs on an SSD with boot and root partition. In that scheme, the EFI boot code is in the ESP boot partition (GPT type 1, FAT formatted partition). If I understand this vulnerability correctly, it would compromise the EFI boot code in the ESP by replacing the boot code file with a malicious boot code file containing a logo image that exploits the boot code’s image parser.
To my limited understanding, a compromised install could easily be erased by replacing the compromised EFI boot code file with the correct file. A reformat and reinstall of Linux on the SSD would also serve to erase any other potential malicious modifications to the system. The article seems to suggest, without nuance, that the malicious boot code becomes permanently embedded and unfixable. I could understand the permanence of the exploit if there were an embedded storage device in the motherboard that served as the EFI partition, but for the scenario I described it seems like the article’s dire claim would not be true.
