CVE-2020-15707

🗓️ 29 Jul 2020 17:45:34Reported by canonicalType

Integer overflows in grub_cmd_initrd and grub_initrd_init in GRUB2 efilinux component lead to heap-based buffer overflow, allowing arbitrary code execution and UEFI Secure Boot bypass

Reporter	Title	Published	Views	Family All 170
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities	26 Mar 202504:05	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to Using Components with Known Vulnerabilities	30 Oct 202016:18	–	ibm
Tenable Nessus	Alibaba Cloud Linux 3 : 0064: grub2 (ALINUX3-SA-2022:0064)	14 May 202500:00	–	nessus
Tenable Nessus	CentOS 8 : grub2 (CESA-2020:3216)	1 Feb 202100:00	–	nessus
Tenable Nessus	CentOS 7 : grub2 (RHSA-2020:3217)	31 Jul 202000:00	–	nessus
Tenable Nessus	Debian DSA-4735-1 : grub2 - security update	30 Jul 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP8 : grub2 (EulerOS-SA-2020-1853)	28 Aug 202000:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.6.0 : grub2 (EulerOS-SA-2020-2000)	29 Sep 202000:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.9.1 : grub2 (EulerOS-SA-2021-1601)	10 Mar 202100:00	–	nessus
Tenable Nessus	GLSA-202104-05 : GRUB: Multiple vulnerabilities	3 May 202100:00	–	nessus

NVD

Node

gnu grub2Range≤2.04

Node

redhat enterprise_linux_atomic_hostMatch-

redhat openshift_container_platformMatch4.0

redhat enterprise_linuxMatch7.0

redhat enterprise_linuxMatch8.0

Node

microsoft windows_10Match-

microsoft windows_10Match1607

microsoft windows_10Match1709

microsoft windows_10Match1803

microsoft windows_10Match1809

microsoft windows_10Match1903

microsoft windows_10Match1909

microsoft windows_10Match2004

microsoft windows_8.1Match-

microsoft windows_rt_8.1Match-

microsoft windows_server_2012Match-

microsoft windows_server_2012Matchr2

microsoft windows_server_2016Match-

microsoft windows_server_2016Match1903

microsoft windows_server_2016Match1909

microsoft windows_server_2016Match2004

microsoft windows_server_2019Match-

Node

canonical ubuntu_linuxMatch14.04esm

canonical ubuntu_linuxMatch16.04esm

canonical ubuntu_linuxMatch18.04lts

canonical ubuntu_linuxMatch20.04lts

Node

debian debian_linuxMatch10.0

Node

opensuse leapMatch15.1

opensuse leapMatch15.2

suse suse_linux_enterprise_serverMatch11

suse suse_linux_enterprise_serverMatch12

suse suse_linux_enterprise_serverMatch15

Node

netapp active_iq_unified_managerRange9.5≥vmware_vsphere

[
  {
    "product": "grub2 in Ubuntu",
    "vendor": "Ubuntu",
    "versions": [
      {
        "lessThan": "2.04-1ubuntu26.1",
        "status": "affected",
        "version": "20.04 LTS",
        "versionType": "custom"
      },
      {
        "lessThan": "2.02-2ubuntu8.16",
        "status": "affected",
        "version": "18.04 LTS",
        "versionType": "custom"
      },
      {
        "lessThan": "2.02~beta2-36ubuntu3.26",
        "status": "affected",
        "version": "16.04 LTS",
        "versionType": "custom"
      },
      {
        "lessThan": "2.02~beta2-9ubuntu1.20",
        "status": "affected",
        "version": "14.04 ESM",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
eclypsium	www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/
usn	www.usn.ubuntu.com/4432-1/
lists	www.lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html
suse	www.suse.com/support/kb/doc/
openwall	www.openwall.com/lists/oss-security/2020/07/29/3
debian	www.debian.org/security/2020-GRUB-UEFI-SecureBoot
access	www.access.redhat.com/security/vulnerabilities/grub2bootloader
lists	www.lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html
lists	www.lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html
ubuntu	www.ubuntu.com/security/notices/USN-4432-1

21 Nov 2024 05:06Current

7.6High risk

Vulners AI Score7.6

CVSS 24.4

CVSS 3.15.7 - 6.4

EPSS0.00031