rpm package
suse/grub2&distro=SUSE Linux Enterprise Module for Server Applications 15 SP5
pkg:rpm/suse/grub2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-4692 | — | < 2.06-150500.29.8.1 | 2.06-150500.29.8.1 | Oct 25, 2023 | An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap me | ||
| CVE-2023-4693 | — | < 2.06-150500.29.8.1 | 2.06-150500.29.8.1 | Oct 25, 2023 | An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI v |
- CVE-2023-4692Oct 25, 2023affected < 2.06-150500.29.8.1fixed 2.06-150500.29.8.1
An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, leading to grub's heap metadata corruption. In some circumstances, the attack may also corrupt the UEFI firmware heap me
- CVE-2023-4693Oct 25, 2023affected < 2.06-150500.29.8.1fixed 2.06-150500.29.8.1
An out-of-bounds read flaw was found on grub2's NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI v