Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-4693HistoryOct 25, 2023 - 6:17 p.m.
CVE-2023-4693
2023-10-2518:17:41
Debian Security Bug Tracker
security-tracker.debian.org
11
cve-2023-4693
out-of-bounds read
grub2
ntfs
memory access
physically present attacker
sensitive data
efi variable
confidentiality risk
unix
0.001 Low
EPSS
Percentile
32.0%
An out-of-bounds read flaw was found on grub2’s NTFS filesystem driver. This issue may allow a physically present attacker to present a specially crafted NTFS file system image to read arbitrary memory locations. A successful attack allows sensitive data cached in memory or EFI variable values to be leaked, presenting a high Confidentiality risk.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | grub2 | < 2.06-13+deb12u1 | grub2_2.06-13+deb12u1_all.deb |
| Debian | 11 | all | grub2 | < 2.06-3~deb11u6 | grub2_2.06-3~deb11u6_all.deb |
| Debian | 10 | all | grub2 | < 2.06-3~deb10u4 | grub2_2.06-3~deb10u4_all.deb |
| Debian | 999 | all | grub2 | < 2.12~rc1-11 | grub2_2.12~rc1-11_all.deb |
| Debian | 13 | all | grub2 | < 2.12~rc1-11 | grub2_2.12~rc1-11_all.deb |
Related
cvelist
cvelist
CVE-2023-4693 Grub2: out-of-bounds read at fs/ntfs.c
2023-10-25 10:27:29
cbl_mariner
cbl_mariner
CVE-2023-4693 affecting package grub2 for versions less than 2.06-18
2024-04-19 22:15:55
CVE-2023-4693 affecting package grub2 for versions less than 2.06-13
2024-03-05 17:52:42
ubuntucve
ubuntucve
CVE-2023-4693
2023-10-03 00:00:00
prion
prion
Design/Logic Flaw
2023-10-25 18:17:00
veracode
veracode
Out-of-bounds Read
2023-10-08 22:49:43
cve
cve
CVE-2023-4693
2023-10-25 18:17:41
nessus
nessus
EulerOS 2.0 SP9 : grub2 (EulerOS-SA-2023-3333)
2024-01-16 00:00:00
EulerOS 2.0 SP10 : grub2 (EulerOS-SA-2024-1060)
2024-01-16 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : GRUB2 vulnerabilities (USN-6410-1)
2023-10-04 00:00:00
redhatcve
redhatcve
CVE-2023-4692
2023-10-03 18:24:36
CVE-2023-4693
2023-10-03 18:24:46
osv
osv
grub2-signed, grub2-unsigned vulnerabilities
2023-10-04 01:31:42
grub2 - security update
2023-10-06 00:00:00
grub2 - security update
2023-10-06 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: grub2-2.06-120.fc39
2024-04-29 01:55:42
[SECURITY] Fedora 38 Update: grub2-2.06-118.fc38
2024-05-03 01:36:58
[SECURITY] Fedora 40 Update: grub2-2.06-121.fc40
2024-04-23 01:15:56
amazon
amazon
Important: grub2
2023-10-12 15:08:00
openvas
openvas
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1651)
2024-05-16 00:00:00
Debian: Security Advisory (DLA-3605-1)
2023-10-06 00:00:00
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1035)
2024-01-05 00:00:00
ubuntu
ubuntu
GRUB2 vulnerabilities
2023-10-04 00:00:00
debian
debian
[SECURITY] [DSA 5519-1] grub2 security update
2023-10-06 19:03:15
[SECURITY] [DLA 3605-1] grub2 security update
2023-10-05 21:46:52
redhat
redhat
(RHSA-2024:2456) Moderate: grub2 security update
2024-04-30 06:15:45
(RHSA-2024:3184) Moderate: grub2 security update
2024-05-22 06:35:52
oraclelinux
oraclelinux
grub2 security update
2024-05-03 00:00:00
grub2 security update
2024-05-24 00:00:00
almalinux
almalinux
Moderate: grub2 security update
2024-04-30 00:00:00
mageia
mageia
Updated grub2 packages fix security vulnerabilities
2024-03-28 06:52:55
photon
photon
Important Photon OS Security Update - PHSA-2023-5.0-0130
2023-10-30 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0505
2023-11-04 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0681
2023-11-04 00:00:00
hp
hp
HP ThinPro 8.1 SP 2 Security Updates
2024-04-12 00:00:00