VYPR
High severity (7.1, NVD advisory) · Published Dec 19, 2022 · Updated May 27, 2026

CVE-2022-3775

Description

A heap out-of-bounds write in GRUB2 font glyph processing allows local attackers to corrupt memory or possibly execute arbitrary code.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The vulnerability resides in GRUB2's font code when rendering certain Unicode sequences. The code does not properly check that a glyph's width and height fit within the bitmap it is rendered into, so rendering such a glyph writes past the end of a heap buffer. Affected versions include grub-2.06 and earlier; the fix is included in grub-2.06-r4 [1][2].
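To make the missing check concrete, here is an added illustrative model, not GRUB's source: the struct layouts, the one-byte-per-pixel format and the names `glyph_fits`, `blit_glyph`, `fits_check` and `demo` are all assumptions. It shows a glyph blit that validates the glyph's width and height, at its placement offset, against the destination bitmap before writing a single byte, and why the bound is computed by subtraction rather than addition.

```c
#include <stdint.h>
#include <string.h>

/* Constructed model of a glyph and its destination; not GRUB's real structs. */
struct glyph  { unsigned width, height; const uint8_t *bits; }; /* dims claimed by font data */
struct bitmap { unsigned width, height; uint8_t *pixels; };     /* dims the buffer was allocated for */

/* 1 if every pixel of the glyph placed at (x, y) lands inside dst, else 0.
 * Subtracting instead of adding avoids the unsigned wrap in "x + width" that
 * would let an oversized width slip past a naive "x + width <= dst->width". */
int glyph_fits(const struct bitmap *dst, const struct glyph *g, unsigned x, unsigned y)
{
    if (g->width > dst->width || g->height > dst->height)
        return 0;
    return x <= dst->width - g->width && y <= dst->height - g->height;
}

/* Hardened blit: validates before the first write; on failure returns -1 and writes nothing. */
int blit_glyph(struct bitmap *dst, const struct glyph *g, unsigned x, unsigned y)
{
    if (!glyph_fits(dst, g, x, y))
        return -1;
    for (unsigned row = 0; row < g->height; row++)   /* one byte per pixel, row-major (assumed) */
        memcpy(dst->pixels + (size_t)(y + row) * dst->width + x,
               g->bits + (size_t)row * g->width, g->width);
    return 0;
}

/* Exercise the check on bare sizes without allocating a buffer. */
int fits_check(unsigned dw, unsigned dh, unsigned gw, unsigned gh, unsigned x, unsigned y)
{
    struct bitmap dst = { dw, dh, 0 };
    struct glyph g = { gw, gh, 0 };
    return glyph_fits(&dst, &g, x, y);
}

/* Demo on constructed data: a 16x16 canvas, an 8x8 glyph that fits, and a glyph
 * whose header claims 24x8, wider than the canvas it is being drawn into. */
int demo(void)
{
    static uint8_t canvas_px[16 * 16];
    static const uint8_t bits[8 * 8] = { 0xff };
    struct bitmap canvas = { 16, 16, canvas_px };
    struct glyph ok = { 8, 8, bits }, too_wide = { 24, 8, bits };
    int rejected = blit_glyph(&canvas, &too_wide, 0, 0);   /* -1: rejected before any write */
    int accepted = blit_glyph(&canvas, &ok, 8, 8);         /* 0: lands in lower-right quadrant */
    return rejected == -1 && accepted == 0 && canvas_px[8 * 16 + 8] == 0xff;
}
```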

Exploitation

An attacker with local access to the system can supply a specially crafted input containing malformed Unicode sequences. When GRUB processes that input during boot, the unchecked glyph dimensions cause a heap buffer overflow. No user interaction beyond booting the attacker-controlled configuration is required [1].

Impact

Successful exploitation results in heap memory corruption and availability issues (denial of service). Although complex, arbitrary code execution cannot be ruled out, which might allow an attacker to bypass Secure Boot or gain control of the boot process [1][2].

Mitigation

Red Hat and Gentoo have released updated packages: sys-boot/grub-2.06-r4 (Gentoo) and corresponding updates for Red Hat Enterprise Linux. Users should upgrade to the fixed version as soon as possible. No workaround is known [1][2].

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 61

Patches: 0 (no patches discovered yet).

Vulnerability mechanics

No source-code context is available for this CVE. Mechanics are only generated when we can read the actual fix diff; without it, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References: 2

News mentions: 0 (no linked articles in our index yet).