**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation
Details
Partial details (24 vulnerabilities) are displayed below due to a content size limitation in GitHub. To view information on the remaining vulnerabilities, navigate to the Mend Application.
mend-for-github-combot
changed the title
grubgrub-2.12: 19 vulnerabilities (highest severity is: 8.6)
grubgrub-2.12: 30 vulnerabilities (highest severity is: 8.6)
Feb 19, 2025
mend-for-github-combot
changed the title
grubgrub-2.12: 30 vulnerabilities (highest severity is: 8.6)
grubgrub-2.12: 31 vulnerabilities (highest severity is: 8.6)
Feb 27, 2025
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Vulnerabilities
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
A buffer overflow was found in grub_font_construct_glyph(). A maliciously crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph; this further leads to a buffer overflow and a heap-based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism.
Publish Date: 2022-12-14
URL: CVE-2022-2601
CVSS 3 Score Details (8.6)
Base Score Metrics:
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (2)
Vulnerability Details
_gcry_md_block_write in cipher/hash-common.c in Libgcrypt version 1.9.0 has a heap-based buffer overflow when the digest final function sets a large count value. It is recommended to upgrade to 1.9.1 or later.
Publish Date: 2021-01-29
URL: CVE-2021-3345
CVSS 3 Score Details (7.8)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3345
Release Date: 2021-01-29
Fix Resolution: libgcrypt-1.9.1
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (3)
Vulnerability Details
A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking, and the code assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution, allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Publish Date: 2021-03-03
URL: CVE-2020-25647
CVSS 3 Score Details (7.6)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2020-25647
Release Date: 2021-03-03
Fix Resolution: grub2-common - 2.02-0.86,2.02-90,2.02-0.86,2.02-87,2.02-0.87,2.02-87,2.02-0.86,2.02-0.86,2.02-0.86;grub2-tools-extra - 2.02-87,2.02-0.86,2.02-90,2.02-0.87,2.02-87,2.02-87,2.02-0.86,2.02-87,2.02-87,2.02-87,2.02-90,2.02-0.86,2.02-0.86,2.02-90;grub2-tools-extra-debuginfo - 2.02-90,2.02-87,2.02-87;grub2-pc-modules - 2.02-87,2.02-0.86,2.02-0.86,2.02-0.86,2.02-90,2.02-0.86,2.02-0.86,2.02-87,2.02-0.87;grub2-efi-x64-cdboot - 2.02-0.87,2.02-0.86,2.02-0.86,2.02-0.86,2.02-0.86,2.02-0.86,2.02-87,2.02-90,2.02-87;fwupd-debugsource - 1.1.4-9,1.1.4-4,1.5.9-1;grub2-tools - 2.02-0.86,2.02-90,2.02-90,2.02-87,2.02-87,2.02-0.86,2.02-0.87,2.02-0.86,2.02-0.86,2.02-87,2.02-87,2.02-87,2.02-0.87,2.02-0.86,2.02-90,2.02-87,2.02-0.86,2.02-0.86;grub2-tools-debuginfo - 2.02-87,2.02-87,2.02-90;grub2-efi-aa64 - 2.02-90,2.02-87,2.02-87;grub2-efi-ia32 - 2.02-0.86,2.02-87,2.02-0.86,2.02-87,2.02-0.86,2.02-90,2.02-0.86,2.02-0.87,2.02-0.86;grub2-tools-minimal - 2.02-87,2.02-0.86,2.02-87,2.02-0.86,2.02-87,2.02-0.86,2.02-87,2.02-87,2.02-90,2.02-90,2.02-0.86,2.02-0.87,2.02-0.86,2.02-90,2.02-87;grub2-efi-aa64-cdboot - 2.02-87,2.02-87,2.02-90;shim-x64 - 15.4-2;grub2-ppc64le-modules - 2.02-0.87,2.02-0.86,2.02-0.86,2.02-0.86,2.02-90,2.02-0.86,2.02-87,2.02-0.86,2.02-87;grub2-efi-ia32-cdboot - 2.02-87,2.02-90,2.02-0.86,2.02-0.87,2.02-0.86,2.02-87,2.02-0.86,2.02-0.86,2.02-0.86;grub2-ppc64le - 2.02-87,2.02-90,2.02-87;shim - 15.4-2;grub2-pc - 2.02-0.86,2.02-87,2.02-0.87,2.02-90,2.02-87,2.02-0.86,2.02-0.86,2.02-0.86,2.02-0.86;grub2-efi-x64 - 2.02-0.86,2.02-90,2.02-0.86,2.02-0.86,2.02-87,2.02-0.86,2.02-0.86,2.02-0.87,2.02-87;grub2-ppc-modules - 2.02-0.86,2.02-0.86,2.02-0.87,2.02-0.86,2.02-0.86,2.02-0.86;grub2-debugsource - 2.02-87,2.02-87,2.02-90;grub2-debuginfo - 2.02-0.86,2.02-0.86,2.02-0.86,2.02-0.86,2.02-0.87,2.02-0.86,2.02-87,2.02-87,2.02-90;shim-aa64 - 15.4-2;shim-ia32 - 15.4-2;grub2-efi-x64-modules - 
2.02-0.86,2.02-90,2.02-0.86,2.02-87,2.02-0.86,2.02-0.86,2.02-0.86,2.02-87,2.02-0.87;grub2-tools-efi-debuginfo - 2.02-87,2.02-87,2.02-90;fwupd-debuginfo - 1.1.4-9,1.1.4-4,1.5.9-1;grub2-tools-efi - 2.02-87,2.02-90,2.02-87;fwupd - 1.5.9-1,1.1.4-4,1.1.4-4,1.1.4-4,1.1.4-9,1.5.9-1,1.5.9-1,1.5.9-1,1.1.4-9,1.1.4-9,1.1.4-4,1.1.4-4,1.5.9-1,1.1.4-9,1.1.4-9;grub2 - 2.02-0.87,2.02-0.87,2.02-0.86,2.02-0.86,2.02-0.86,2.02-0.86,2.02-0.86,2.02-0.86,2.02-0.86,2.02-0.86,2.02-0.86,2.02-87,2.02-0.86,2.02-87,2.02-0.86,2.02-0.87,2.02-0.86,2.02-90;grub2-efi-ia32-modules - 2.02-0.86,2.02-0.86,2.02-90,2.02-0.87,2.02-87,2.02-0.86,2.02-87,2.02-0.86,2.02-0.86;grub2-tools-minimal-debuginfo - 2.02-87,2.02-87,2.02-90;grub2-efi-aa64-modules - 2.02-0.86,2.02-0.87,2.02-0.86,2.02-87,2.02-0.86,2.02-0.86,2.02-0.86,2.02-87,2.02-90;grub2-tools-extra - 2.02-0.86
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap metadata. As a result, arbitrary code execution and secure boot protection bypass may be achieved.
Publish Date: 2023-10-25
URL: CVE-2023-4692
CVSS 3 Score Details (7.5)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://bugzilla.redhat.com/show_bug.cgi?id=2236613
Release Date: 2023-10-25
Fix Resolution: 2.02;grub-2.02
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (3)
Vulnerability Details
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.
Publish Date: 2021-06-08
URL: CVE-2021-33560
CVSS 3 Score Details (7.5)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560
Release Date: 2021-06-08
Fix Resolution: libgcrypt-1.9.3
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (3)
Vulnerability Details
cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in the face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation.
Mend Note: GnuPG uses ElGamal in hybrid mode only; this is not a vulnerability in libgcrypt, but in an application using it in an insecure manner.
Publish Date: 2018-02-07
URL: CVE-2018-6829
CVSS 3 Score Details (7.5)
Base Score Metrics:
Vulnerable Libraries - grubgrub-2.12, grubgrub-2.12
grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Vulnerable Source Files (3)
grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Vulnerable Source Files (3)
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerability Details
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.
Publish Date: 2017-08-29
URL: CVE-2017-0379
CVSS 3 Score Details (7.5)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-0379
Release Date: 2017-08-29
Fix Resolution: libgcrypt - 1.8.5
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
When rendering certain Unicode sequences, grub2's font code doesn't properly validate whether the informed glyph's width and height are constrained within the bitmap size. As a consequence, an attacker can craft an input which will lead to an out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.
Publish Date: 2022-12-19
URL: CVE-2022-3775
CVSS 3 Score Details (7.1)
Base Score Metrics:
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in the heap. For an attack to succeed, the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior to grub-2.12.
Publish Date: 2022-07-06
URL: CVE-2021-3697
CVSS 3 Score Details (7.0)
Base Score Metrics:
Vulnerable Libraries - grubgrub-2.12, grubgrub-2.12
grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Vulnerable Source Files (1)
grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Vulnerable Source Files (1)
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerability Details
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. An attacker capable of attaching an external drive such as a USB stick containing a file system with a duplicate UUID (the same as in the "/boot/" file system) can bypass the GRUB password protection feature on UEFI systems, which enumerate removable drives before non-removable ones. This issue was introduced in a downstream patch in Red Hat's version of grub2 and does not affect the upstream package.
Publish Date: 2024-01-15
URL: CVE-2023-4001
CVSS 3 Score Details (6.8)
Base Score Metrics:
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (3)
Vulnerability Details
libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting in a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channel requires that the attacker can run arbitrary software on the hardware where the private RSA key is used.
Publish Date: 2018-07-26
URL: CVE-2017-7526
CVSS 3 Score Details (6.8)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2017-7526
Release Date: 2018-07-26
Fix Resolution: libgcrypt - 1.8.5
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections.
Publish Date: 2025-02-18
URL: CVE-2024-45781
CVSS 3 Score Details (6.7)
Base Score Metrics:
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name; however, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap out-of-bounds write; as a consequence, an attacker may leverage this to eventually circumvent secure boot protections.
Publish Date: 2025-03-03
URL: CVE-2024-45780
CVSS 3 Score Details (6.7)
Base Score Metrics:
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded.
Publish Date: 2025-02-18
URL: CVE-2024-45774
CVSS 3 Score Details (6.7)
Base Score Metrics:
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
A flaw was found in grub2. When performing a symlink lookup from a romfs filesystem, grub's romfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer sizes; however, it fails to properly check for integer overflows. A maliciously crafted filesystem may cause some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, grub_romfs_read_symlink() may cause out-of-bounds writes when calling the grub_disk_read() function. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, bypassing secure boot protections.
Publish Date: 2025-03-03
URL: CVE-2025-0686
CVSS 3 Score Details (6.4)
Base Score Metrics:
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer sizes; however, it fails to properly check for integer overflows. A maliciously crafted filesystem may cause some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_jfs_lookup_symlink() function will write past the internal buffer length during grub_jfs_read_file(). This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, bypassing secure boot protections.
Publish Date: 2025-03-03
URL: CVE-2025-0685
CVSS 3 Score Details (6.4)
Base Score Metrics:
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub's reiserfs fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer sizes; however, it fails to properly check for integer overflows. A maliciously crafted filesystem may cause some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, grub_reiserfs_read_symlink() will call grub_reiserfs_read_real() with an overflown length parameter, leading to a heap-based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, bypassing secure boot protections.
Publish Date: 2025-03-03
URL: CVE-2025-0684
CVSS 3 Score Details (6.4)
Base Score Metrics:
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
A flaw was found in grub2. When performing a symlink lookup, grub's UFS module checks the inode's data size to allocate the internal buffer for reading the file content; however, it fails to check whether the symlink data size has overflown. If that happens, grub_malloc() may be called with a smaller value than needed; as a consequence, when further reading the data from disk into the buffer, the grub_ufs_lookup_symlink() function will write past the end of the allocated size. An attacker may leverage that by crafting a malicious filesystem, and as a result it will corrupt data stored in the heap; it's possible that arbitrary code execution may be achieved through it and used to bypass secure boot mechanisms.
Publish Date: 2025-02-19
URL: CVE-2025-0677
CVSS 3 Score Details (6.4)
Base Score Metrics:
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.
Publish Date: 2020-07-29
URL: CVE-2020-15706
CVSS 3 Score Details (6.4)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://nvd.nist.gov/vuln/detail/CVE-2020-15706
Release Date: 2020-07-29
Fix Resolution: grub - no_fix
Vulnerable Libraries - grubgrub-2.12, grubgrub-2.12
grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Vulnerable Source Files (3)
grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Vulnerable Source Files (3)
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerability Details
It was discovered that there was an ECDSA timing attack in the libgcrypt20 cryptographic library. Versions affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7.
Publish Date: 2019-09-25
URL: CVE-2019-13627
CVSS 3 Score Details (6.3)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://gitlab.alpinelinux.org/alpine/aports/issues/10823
Release Date: 2019-09-25
Fix Resolution: 1.8.5
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (3)
Vulnerability Details
A flaw was found in grub2. The read command is used to read keyboard input from the user; while reading, it keeps the input length in a 32-bit integer value, which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough, it's possible to make this variable overflow, leading to an out-of-bounds write in the heap-based buffer. This flaw may be leveraged to corrupt grub's internal critical data, and secure boot bypass is not discarded as a consequence.
Publish Date: 2025-02-24
URL: CVE-2025-0690
CVSS 3 Score Details (6.1)
Base Score Metrics:
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
A flaw was found in grub2. There's an integer overflow in the BFS file system driver. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap out-of-bounds read. As a consequence, sensitive data may be leaked or grub2 may crash.
Publish Date: 2025-03-03
URL: CVE-2024-45779
CVSS 3 Score Details (6.0)
Base Score Metrics:
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks.
Publish Date: 2024-12-29
URL: CVE-2024-56738
CVSS 3 Score Details (5.3)
Base Score Metrics:
Vulnerable Library - grubgrub-2.12
Gnu Distributions
Library home page: https://ftp.gnu.org/gnu/grub?wsslib=grub
Found in HEAD commit: 34ea03480cbcacc530f29fed55eb2d7d0de23483
Found in base branch: develop
Vulnerable Source Files (1)
Vulnerability Details
An out-of-bounds read flaw was found in grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.
Publish Date: 2023-10-25
URL: CVE-2023-4693
CVSS 3 Score Details (5.3)
Base Score Metrics: