diff --git a/.github/workflows/build-os-image.yml b/.github/workflows/build-os-image.yml
index 106cf9b27..745951013 100644
--- a/.github/workflows/build-os-image.yml
+++ b/.github/workflows/build-os-image.yml
@@ -358,7 +358,8 @@ jobs:
           ./precalculate_pcr_4.sh ${{ github.workspace }}/image.raw ${{ github.workspace }}/pcr-4-${{ matrix.csp }}.json >> $GITHUB_STEP_SUMMARY
           ./precalculate_pcr_8.sh ${{ github.workspace }}/image.raw ${{ github.workspace }}/pcr-8-${{ matrix.csp }}.json ${{ matrix.csp }}  >> $GITHUB_STEP_SUMMARY
           ./precalculate_pcr_9.sh ${{ github.workspace }}/image.raw ${{ github.workspace }}/pcr-9-${{ matrix.csp }}.json >> $GITHUB_STEP_SUMMARY
-          jq --sort-keys -s '.[0] * .[1] * .[2]' ${{ github.workspace }}/pcr-* > ${{ github.workspace }}/pcrs-${{ matrix.csp }}.json
+          cp pcr-stable.json ${{ github.workspace }}/
+          jq --sort-keys -s '.[0] * .[1] * .[2] * .[3]' ${{ github.workspace }}/pcr-* > ${{ github.workspace }}/pcrs-${{ matrix.csp }}.json
           echo "::endgroup::"
         working-directory: ${{ github.workspace }}/image/mkosi/measured-boot
 
diff --git a/image/mkosi/measured-boot/pcr-stable.json b/image/mkosi/measured-boot/pcr-stable.json
new file mode 100755
index 000000000..48ba33120
--- /dev/null
+++ b/image/mkosi/measured-boot/pcr-stable.json
@@ -0,0 +1,6 @@
+{
+    "pcr11": "0000000000000000000000000000000000000000000000000000000000000000",
+    "pcr12": "0000000000000000000000000000000000000000000000000000000000000000",
+    "pcr13": "0000000000000000000000000000000000000000000000000000000000000000",
+    "pcr15": "0000000000000000000000000000000000000000000000000000000000000000"
+}