Search CVE reports
11 – 20 of 63 results
When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size...
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A flaw was found in grub2. When performing a symlink lookup from a romfs filesystem, grub's romfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it...
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for...
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub's reiserfs fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however,...
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for...
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A flaw was found in grub2. When performing a symlink lookup, the grub's UFS module checks the inode's data size to allocate the internal buffer to read the file content, however, it fails to check if the symlink data size...
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function....
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered...
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A flaw was found in grub2. When failing to mount an HFS+ grub, the hfsplus filesystem driver doesn't properly set an ERRNO value. This issue may lead to a NULL pointer access.
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without properly validating the volume name's...
3 affected packages
grub2, grub2-unsigned, grub2-signed
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |