rpm package
opensuse/grub2&distro=openSUSE Leap 15.4
pkg:rpm/opensuse/grub2&distro=openSUSE%20Leap%2015.4
Vulnerabilities (9)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-28736 | — | < 2.06-150400.11.5.2 | 2.06-150400.11.5.2 | Jul 20, 2023 | There's a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerabili | ||
| CVE-2022-28735 | — | < 2.06-150400.11.5.2 | 2.06-150400.11.5.2 | Jul 20, 2023 | The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain. | ||
| CVE-2022-28734 | — | < 2.06-150400.11.5.2 | 2.06-150400.11.5.2 | Jul 20, 2023 | Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buf | ||
| CVE-2022-28733 | — | < 2.06-150400.11.5.2 | 2.06-150400.11.5.2 | Jul 20, 2023 | Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number whi | ||
| CVE-2022-3775 | Hig | 7.1 | < 2.06-150400.11.17.1 | 2.06-150400.11.17.1 | Dec 19, 2022 | When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to mem | |
| CVE-2022-2601 | Hig | 8.6 | < 2.06-150400.11.17.1 | 2.06-150400.11.17.1 | Dec 14, 2022 | A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bound | |
| CVE-2021-3697 | — | < 2.06-150400.11.5.2 | 2.06-150400.11.5.2 | Jul 6, 2022 | A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. | ||
| CVE-2021-3696 | — | < 2.06-150400.11.5.2 | 2.06-150400.11.5.2 | Jul 6, 2022 | A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and | ||
| CVE-2021-3695 | — | < 2.06-150400.11.5.2 | 2.06-150400.11.5.2 | Jul 6, 2022 | A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be expl |
- CVE-2022-28736Jul 20, 2023affected < 2.06-150400.11.5.2fixed 2.06-150400.11.5.2
There's a use-after-free vulnerability in grub_cmd_chainloader() function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerabili
- CVE-2022-28735Jul 20, 2023affected < 2.06-150400.11.5.2fixed 2.06-150400.11.5.2
The GRUB2's shim_lock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules to be loaded in GRUB2 breaking the secure boot trust-chain.
- CVE-2022-28734Jul 20, 2023affected < 2.06-150400.11.5.2fixed 2.06-150400.11.5.2
Out-of-bounds write when handling split HTTP headers; When handling split HTTP headers, GRUB2 HTTP code accidentally moves its internal data buffer point by one position. This can lead to a out-of-bound write further when parsing the HTTP request, writing a NULL byte past the buf
- CVE-2022-28733Jul 20, 2023affected < 2.06-150400.11.5.2fixed 2.06-150400.11.5.2
Integer underflow in grub_net_recv_ip4_packets; A malicious crafted IP packet can lead to an integer underflow in grub_net_recv_ip4_packets() function on rsm->total_len value. Under certain circumstances the total_len value may end up wrapping around to a small integer number whi
- affected < 2.06-150400.11.17.1fixed 2.06-150400.11.17.1
When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to mem
- affected < 2.06-150400.11.17.1fixed 2.06-150400.11.17.1
A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bound
- CVE-2021-3697Jul 6, 2022affected < 2.06-150400.11.5.2fixed 2.06-150400.11.5.2
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload.
- CVE-2021-3696Jul 6, 2022affected < 2.06-150400.11.5.2fixed 2.06-150400.11.5.2
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and
- CVE-2021-3695Jul 6, 2022affected < 2.06-150400.11.5.2fixed 2.06-150400.11.5.2
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be expl