VYPR

grub2

by Red Hat

CVEs (2)

  • CVE-2023-4001MedJan 15, 2024
    risk 0.44cvss 6.8epss 0.01

    An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the password hash for the GRUB password protection feature. An attacker capable of attaching an external drive such as a USB…

  • CVE-2024-1048LowFeb 6, 2024
    risk 0.21cvss 3.3epss 0.00

    A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the…