Lucene search
RedhatCVELIST:CVE-2021-3697HistoryJul 06, 2022 - 3:06 p.m.
CVE-2021-3697
2022-07-0615:06:47
CWE-787
redhat
www.cve.org
6
jpeg
heap underflow
data corruption
code execution
secure boot
grub2
A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written in heap. To a successful to be performed the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior grub-2.12.
CNA Affected
[
{
"product": "grub2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "grub-2.06"
}
]
}
]Related
debiancve
debiancve
CVE-2021-3697
2022-07-06 16:15:08
veracode
veracode
Remote Code Execution (RCE)
2022-06-15 16:10:50
cbl_mariner
cbl_mariner
CVE-2021-3697 affecting package grub2 for versions less than 2.06-14
2024-03-19 17:21:46
CVE-2021-3697 affecting package grub2 for versions less than 2.06-12
2023-11-08 02:07:28
osv
osv
CVE-2021-3697
2022-07-06 16:15:08
grub2-2.06-25.1 on GA media
2024-06-15 00:00:00
Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
2022-06-16 00:00:00
nessus
nessus
Photon OS 3.0: Grub2 PHSA-2023-3.0-0620
2024-07-24 00:00:00
CBL Mariner 2.0 Security Update: grub2 (CVE-2021-3697)
2024-07-03 00:00:00
Photon OS 4.0: Grub2 PHSA-2023-4.0-0439
2024-07-24 00:00:00
alpinelinux
alpinelinux
CVE-2021-3697
2022-07-06 16:15:08
prion
prion
Design/Logic Flaw
2022-07-06 16:15:00
cve
cve
CVE-2021-3697
2022-07-06 16:15:08
redhatcve
redhatcve
CVE-2021-3697
2022-06-07 17:19:47
nvd
nvd
CVE-2021-3697
2022-07-06 16:15:08
ubuntucve
ubuntucve
CVE-2021-3697
2022-07-06 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0439
2023-07-28 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0620
2023-07-28 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2341
2024-02-14 10:25:29
openvas
openvas
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2289)
2022-09-14 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:2041-1)
2022-06-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:2037-1)
2022-06-13 00:00:00
oraclelinux
oraclelinux
grub2 security update
2022-06-07 00:00:00
grub2 security update
2022-06-07 00:00:00
grub2 security update
2023-10-27 00:00:00
suse
suse
Security update for grub2 (important)
2022-06-13 00:00:00
Security update for grub2 (important)
2022-06-10 00:00:00
redos
redos
ROS-20240208-03
2024-02-08 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: grub2-2.06-42.fc36
2022-06-10 01:15:49
[SECURITY] Fedora 35 Update: grub2-2.06-11.fc35
2022-06-22 01:25:16
almalinux
almalinux
Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
2022-06-16 00:00:00
Important: grub2, mokutil, shim, and shim-unsigned-x64 security update
2022-06-16 00:00:00
rocky
rocky
grub2, mokutil, shim, and shim-unsigned-x64 security update
2022-06-16 13:10:10
grub2, mokutil, shim, and shim-unsigned-x64 security update
2022-06-16 13:17:13
redhat
redhat
gentoo
gentoo
GRUB: Multiple Vulnerabilities
2022-09-25 00:00:00
amazon
amazon
Important: grub2
2023-07-17 17:40:00
ubuntu
ubuntu
GRUB2 vulnerabilities
2023-09-08 00:00:00
hp
hp
HP ThinPro 8.0 SP 7 Security Updates
2024-01-26 00:00:00
HP ThinPro 8.0 SP 8 Security Updates
2024-03-01 00:00:00
avleonov
avleonov