exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

CVE-2021-20233

Status Candidate

Overview

A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Related Files

Red Hat Security Advisory 2021-3675-01
Posted Sep 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3675-01 - The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupd packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | ad9ce160c59df30cf9941c0697bd6c9340ed669c6ce5bb9d5b843c8b6fea9592
Red Hat Security Advisory 2021-2790-01
Posted Jul 21, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2790-01 - The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupd packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | be86abea103ec8d84e6360a6a41a211ab4c23cd15a420ca6d9cd3a53deafd4cd
Red Hat Security Advisory 2021-2566-01
Posted Jun 30, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2566-01 - The fwupd packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | d91cff7001af0e07e7cf5129e732ca530ae27f982e1b58ec9ae8ca90219abcb6
Ubuntu Security Notice USN-4992-1
Posted Jun 18, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4992-1 - Máté Kukri discovered that the acpi command in GRUB 2 allowed privileged users to load crafted ACPI tables when secure boot is enabled. An attacker could use this to bypass UEFI Secure Boot restrictions. Chris Coulson discovered that the rmmod command in GRUB 2 contained a use- after-free vulnerability. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. Chris Coulson discovered that a buffer overflow existed in the command line parser in GRUB 2. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. Various other issues were also addressed.

tags | advisory, overflow, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | 1f9aec408e5162b86a8b71d82cc6be6d6601a5a4992dbb961c31198f605ea5bf
Red Hat Security Advisory 2021-1734-01
Posted May 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1734-01 - The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability
systems | linux, redhat
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | dcedb24de00b5d9719c9c7f64315132bbca8814439dcc86339e598a30b79e84d
Gentoo Linux Security Advisory 202104-05
Posted May 3, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202104-5 - Multiple vulnerabilities have been found in GRUB, the worst might allow for circumvention of UEFI Secure Boot. Versions less than 2.06_rc1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-14372, CVE-2020-15705, CVE-2020-15706, CVE-2020-15707, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | 299d3aa5f1947d880973d356a72e943ce929b133f553e466d411763947ccd7a7
Debian Security Advisory 4867-1
Posted Mar 28, 2021
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4867-1 - Several vulnerabilities have been discovered in the GRUB2 bootloader.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | 537768c2310ba33e047d7788f7bdfd32c9b759d9df6d5d342d3e6d4c2a7fbb7b
Red Hat Security Advisory 2021-0701-01
Posted Mar 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0701-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | bac0e92d73c36ca3861a3c9399a30d7aaf20d451fca4508e2b74c05557dc85c8
Red Hat Security Advisory 2021-0700-01
Posted Mar 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0700-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | 95f6799f3865d5bad4d8983da0f149e24f1818f7a07b6b5675aa9ffd8e85b755
Red Hat Security Advisory 2021-0699-01
Posted Mar 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0699-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | 19c5d790135e6203b4d888f24f31d990697fa010b67917ee52553867a9fd8769
Red Hat Security Advisory 2021-0702-01
Posted Mar 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0702-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | b89eaa9a649bc2e88c2dd6ccb4800e755b153e83fbfec296a19dd3a55d6e0758
Red Hat Security Advisory 2021-0704-01
Posted Mar 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0704-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | b113d76400fe7779f8b0542b343841a779633f1d176f1fbd17bb38562705fb7a
Red Hat Security Advisory 2021-0703-01
Posted Mar 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0703-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | 565349d97f4c7d6f020ce8277fa102be10cdb1b69423f993945911b8b173ac7e
Red Hat Security Advisory 2021-0697-01
Posted Mar 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0697-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | 8009ba95cc600ab848b744c692618dc965eb7815bf42b86fe4d07eaaf0af6038
Red Hat Security Advisory 2021-0696-01
Posted Mar 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0696-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | 2e66e3236da9504ddcad3f4c157fe5db026918d81fdb70cf40f9824107cc59ab
Red Hat Security Advisory 2021-0698-01
Posted Mar 3, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0698-01 - The grub2 packages provide version 2 of the Grand Unified Boot Loader, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2020-14372, CVE-2020-25632, CVE-2020-25647, CVE-2020-27749, CVE-2020-27779, CVE-2021-20225, CVE-2021-20233
SHA-256 | b277f93a116582f9d206ea0acef392eb08f682040a8424264be5ee53d301f801
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close