Search CVE reports



1 – 10 of 63 results


CVE-2025-61664

Medium priority
Needs evaluation

A vulnerability in the GRUB2 bootloader has been identified in the normal module. This flaw, a memory Use After Free issue, occurs because the normal_exit command is not properly unregistered when its related module is unloaded....

3 affected packages

grub2, grub2-unsigned, grub2-signed

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |

CVE-2025-61663

Medium priority
Needs evaluation

A vulnerability has been identified in the GRUB2 bootloader's normal command that poses an immediate Denial of Service (DoS) risk. This flaw is a Use-after-Free issue, caused because the normal command is not properly unregistered...

3 affected packages

grub2, grub2-unsigned, grub2-signed

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |

CVE-2025-61662

Medium priority
Needs evaluation

A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the gettext command remains registered in memory after its module is unloaded. An attacker can exploit...

3 affected packages

grub2, grub2-unsigned, grub2-signed

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |

CVE-2025-61661

Medium priority
Needs evaluation

A vulnerability has been identified in the GRUB (Grand Unified Bootloader) component. This flaw occurs because the bootloader mishandles string conversion when reading information from a USB device, allowing an attacker to exploit...

3 affected packages

grub2, grub2-unsigned, grub2-signed

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |

CVE-2025-54771

Medium priority
Needs evaluation

A use-after-free vulnerability has been identified in the GNU GRUB (Grand Unified Bootloader). The flaw occurs because the file-closing process incorrectly retains a memory pointer, leaving an invalid reference to a file system...

3 affected packages

grub2, grub2-unsigned, grub2-signed

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |

CVE-2025-54770

Medium priority
Needs evaluation

A vulnerability has been identified in the GRUB2 bootloader's network module that poses an immediate Denial of Service (DoS) risk. This flaw is a Use-after-Free issue, caused because the net_set_vlan command is not properly...

3 affected packages

grub2, grub2-unsigned, grub2-signed

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |

CVE-2025-4382

Medium priority
Needs evaluation

A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based auto-decryption. When GRUB is set to automatically decrypt disks using keys stored in the TPM, it reads the decryption key into system...

3 affected packages

grub2, grub2-unsigned, grub2-signed

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |

CVE-2025-1125

Medium priority
Needs evaluation

When reading data from an HFS filesystem, GRUB's HFS filesystem module uses user-controlled parameters from the filesystem metadata to calculate the size of its internal buffers; however, it fails to properly check for integer overflows....

3 affected packages

grub2, grub2-unsigned, grub2-signed

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |

CVE-2025-1118

Medium priority
Needs evaluation

A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other...

3 affected packages

grub2, grub2-unsigned, grub2-signed

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |

CVE-2025-0690

Medium priority
Needs evaluation

The read command is used to read keyboard input from the user. While reading, it keeps the input length in a 32-bit integer value, which is further used to reallocate the line buffer to accept the next character. During this...

3 affected packages

grub2, grub2-unsigned, grub2-signed

| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
| --- | --- | --- | --- | --- |
| grub2 | Not affected | Not affected | Not affected | Not affected |
| grub2-unsigned | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| grub2-signed | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |