An out-of-bounds read flaw was found on grub2’s NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | grub2 | < 2.06-13+deb12u1 | grub2_2.06-13+deb12u1_all.deb |
Debian | 11 | all | grub2 | < 2.06-3~deb11u6 | grub2_2.06-3~deb11u6_all.deb |
Debian | 10 | all | grub2 | < 2.06-3~deb10u4 | grub2_2.06-3~deb10u4_all.deb |
Debian | 999 | all | grub2 | < 2.12~rc1-11 | grub2_2.12~rc1-11_all.deb |
Debian | 13 | all | grub2 | < 2.12~rc1-11 | grub2_2.12~rc1-11_all.deb |