Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.ORACLELINUX_ELSA-2021-0699.NASL
HistoryMar 05, 2021 - 12:00 a.m.

Oracle Linux 7 : grub2 (ELSA-2021-0699)

2021-03-0500:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
30

8.3 High

AI Score

Confidence

High

JSON

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-0699 advisory.

  • A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity, as well as system availability. (CVE-2020-14372)

  • A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25632)

  • A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-25647)

  • A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack frame and control execution which could also circumvent Secure Boot protections. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
    (CVE-2020-27749)

  • A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub’s memory layout. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-27779)

  • A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-20225)

  • A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2021-20233)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

##
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Oracle Linux Security Advisory ELSA-2021-0699.
##

include('compat.inc');

if (description)
{
  script_id(147141);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/01/12");

  script_cve_id(
    "CVE-2020-14372",
    "CVE-2020-25632",
    "CVE-2020-25647",
    "CVE-2020-27749",
    "CVE-2020-27779",
    "CVE-2021-20225",
    "CVE-2021-20233"
  );

  script_name(english:"Oracle Linux 7 : grub2 (ELSA-2021-0699)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Oracle Linux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the
ELSA-2021-0699 advisory.

  - A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI
    command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a
    Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable
    content directly into memory. The table is further loaded and executed by the kernel, defeating its Secure
    Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability
    is to data confidentiality and integrity, as well as system availability. (CVE-2020-14372)

  - A flaw was found in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a
    module used as a dependency without checking if any other dependent module is still loaded leading to a
    use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot
    protections. The highest threat from this vulnerability is to data confidentiality and integrity as well
    as system availability. (CVE-2020-25632)

  - A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are
    read with very little bounds checking and assumes the USB device is providing sane values. If properly
    exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a
    bypass of the Secure Boot mechanism. The highest threat from this vulnerability is to data confidentiality
    and integrity as well as system availability. (CVE-2020-25647)

  - A flaw was found in grub2 in versions prior to 2.06. Variable names present are expanded in the supplied
    command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage,
    without sufficient bounds checking. If the function is called with a command line that references a
    variable with a sufficiently large payload, it is possible to overflow the stack buffer, corrupt the stack
    frame and control execution which could also circumvent Secure Boot protections. The highest threat from
    this vulnerability is to data confidentiality and integrity as well as system availability.
    (CVE-2020-27749)

  - A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking
    allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent
    SecureBoot protections after proper triage about grub's memory layout. The highest threat from this
    vulnerability is to data confidentiality and integrity as well as system availability. (CVE-2020-27779)

  - A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past
    the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms
    of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as
    system availability. (CVE-2021-20225)

  - A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs
    a length calculation on the assumption that expressing a quoted single quote will require 3 characters,
    while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each
    quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as
    well as system availability. (CVE-2021-20233)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://linux.oracle.com/errata/ELSA-2021-0699.html");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-20233");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/03/02");
  script_set_attribute(attribute:"patch_publication_date", value:"2021/03/05");
  script_set_attribute(attribute:"plugin_publication_date", value:"2021/03/05");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2-common");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2-efi-aa64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2-efi-aa64-cdboot");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2-efi-ia32");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2-efi-ia32-cdboot");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2-efi-ia32-modules");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2-efi-x64");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2-efi-x64-cdboot");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2-efi-x64-modules");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2-pc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2-pc-modules");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2-tools-extra");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:grub2-tools-minimal");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Oracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/local_checks_enabled");

  exit(0);
}


include('audit.inc');
include('global_settings.inc');
include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);

if (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);

pkgs = [
    {'reference':'grub2-2.02-0.87.0.7.el7_9.2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-2.02-0.87.0.8.el7_9.2', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-common-2.02-0.87.0.7.el7_9.2', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-efi-aa64-2.02-0.87.0.8.el7_9.2', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-efi-aa64-cdboot-2.02-0.87.0.8.el7_9.2', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-efi-ia32-2.02-0.87.0.7.el7_9.2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-efi-ia32-cdboot-2.02-0.87.0.7.el7_9.2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-efi-ia32-modules-2.02-0.87.0.7.el7_9.2', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-efi-x64-2.02-0.87.0.7.el7_9.2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-efi-x64-cdboot-2.02-0.87.0.7.el7_9.2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-efi-x64-modules-2.02-0.87.0.7.el7_9.2', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-pc-2.02-0.87.0.7.el7_9.2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-pc-modules-2.02-0.87.0.7.el7_9.2', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-tools-2.02-0.87.0.7.el7_9.2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-tools-2.02-0.87.0.8.el7_9.2', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-tools-extra-2.02-0.87.0.7.el7_9.2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-tools-extra-2.02-0.87.0.8.el7_9.2', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-tools-minimal-2.02-0.87.0.7.el7_9.2', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},
    {'reference':'grub2-tools-minimal-2.02-0.87.0.8.el7_9.2', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}
];

flag = 0;
foreach package_array ( pkgs ) {
  reference = NULL;
  release = NULL;
  sp = NULL;
  cpu = NULL;
  el_string = NULL;
  rpm_spec_vers_cmp = NULL;
  epoch = NULL;
  allowmaj = NULL;
  rpm_prefix = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];
  if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
  if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
  if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];
  if (reference && release) {
    if (rpm_prefix) {
        if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
    } else {
        if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
    }
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grub2 / grub2-common / grub2-efi-aa64 / etc');
}
VendorProductVersionCPE
oraclelinux7cpe:/o:oracle:linux:7
oraclelinuxgrub2p-cpe:/a:oracle:linux:grub2
oraclelinuxgrub2-commonp-cpe:/a:oracle:linux:grub2-common
oraclelinuxgrub2-efi-aa64p-cpe:/a:oracle:linux:grub2-efi-aa64
oraclelinuxgrub2-efi-aa64-cdbootp-cpe:/a:oracle:linux:grub2-efi-aa64-cdboot
oraclelinuxgrub2-efi-ia32p-cpe:/a:oracle:linux:grub2-efi-ia32
oraclelinuxgrub2-efi-ia32-cdbootp-cpe:/a:oracle:linux:grub2-efi-ia32-cdboot
oraclelinuxgrub2-efi-ia32-modulesp-cpe:/a:oracle:linux:grub2-efi-ia32-modules
oraclelinuxgrub2-efi-x64p-cpe:/a:oracle:linux:grub2-efi-x64
oraclelinuxgrub2-efi-x64-cdbootp-cpe:/a:oracle:linux:grub2-efi-x64-cdboot
Rows per page:
1-10 of 161

Related

nessus 63
oraclelinux 4
fedora 6
redhat 14
suse 1
osv 12
amazon 2
almalinux 3
rocky 2
debian 2
archlinux 1
ibm 1
ubuntu 1
photon 8
hp 2
rosalinux 2
mageia 2
gentoo 1
redos 1
mscve 1
veracode 7
prion 7
debiancve 7
cbl_mariner 14
redhatcve 8
cve 7
alpinelinux 7
ubuntucve 7
githubexploit 1
ics 1
nessus
nessus
SUSE SLES12 Security Update : grub2 (SUSE-SU-2021:0681-1)
2021-03-03 00:00:00
RHEL 7 : grub2 (RHSA-2021:0704)
2021-03-02 00:00:00
Oracle Linux 8 : SUMM: / grub2 (ELSA-2021-0696)
2021-03-05 00:00:00
oraclelinux
oraclelinux
grub2 security update
2021-03-05 00:00:00
grub2 security update
2021-03-02 00:00:00
grub2 security update
2021-03-02 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: grub2-2.06~rc1-2.fc34
2021-03-26 00:18:32
[SECURITY] Fedora 34 Update: efi-rpm-macros-5-2.fc34
2021-04-23 21:04:07
[SECURITY] Fedora 33 Update: grub2-2.06~rc1-1.fc33
2021-04-10 23:06:25
redhat
redhat
(RHSA-2021:0703) Moderate: grub2 security update
2021-03-02 18:59:01
(RHSA-2021:2566) Moderate: fwupd security update
2021-06-29 13:41:47
(RHSA-2021:2790) Moderate: shim and fwupd security update
2021-07-20 13:20:20
suse
suse
Security update for grub2 (important)
2021-03-22 00:00:00
osv
osv
grub2 - security update
2021-03-02 00:00:00
Moderate: shim security update
2021-05-18 05:57:10
Moderate: shim security update
2021-05-18 05:57:10
amazon
amazon
Medium: grub2
2021-07-14 20:30:00
Medium: grub2
2021-07-14 20:30:00
almalinux
almalinux
Moderate: fwupd security update
2021-06-29 13:41:47
Moderate: grub2 security update
2021-03-02 18:54:21
Moderate: shim security update
2021-05-18 05:57:10
rocky
rocky
fwupd security update
2021-06-29 13:41:47
shim security update
2021-05-18 05:57:10
debian
debian
[SECURITY] [DSA 4867-1] grub2 security update
2021-03-02 18:11:33
[SECURITY] [DSA 4867-1] grub2 security update
2021-03-02 18:11:33
archlinux
archlinux
[ASA-202106-43] grub: multiple issues
2021-06-15 00:00:00
ibm
ibm
Security Bulletin: GRUB2 as used by IBM QRadar SIEM is vulnerable to arbitrary code execution
2021-07-26 13:09:02
ubuntu
ubuntu
GRUB 2 vulnerabilities
2021-06-18 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-1.0-0376
2021-03-31 00:00:00
Important Photon OS Security Update - PHSA-2021-0202
2021-03-03 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2021-2.0-0334
2021-04-02 00:00:00
hp
hp
HP PC UEFI Secure Boot Database Update July 2022
2022-07-21 00:00:00
HPSBHF03678 rev. 2 - GRUB2 Bootloader Arbitrary Code Execution
2020-07-25 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1849
2021-07-02 17:01:29
Advisory ROSA-SA-2023-2300
2023-12-05 10:31:19
mageia
mageia
Updated grub2 packages fix security vulnerabilities
2021-07-09 01:43:19
Updated gnutls packages fix security vulnerabilities
2021-06-29 00:16:35
gentoo
gentoo
GRUB: Multiple vulnerabilities
2021-04-30 00:00:00
redos
redos
ROS-20220920-01
2022-09-20 00:00:00
mscve
mscve
Microsoft Guidance for Addressing Security Feature Bypass in GRUB
2020-07-29 07:00:00
veracode
veracode
Privilege Escalation
2021-03-03 05:51:57
Arbitrary Code Execution
2021-03-03 06:00:37
Arbitrary Code Execution
2021-03-03 08:01:56
prion
prion
Design/Logic Flaw
2021-03-03 17:15:00
Design/Logic Flaw
2021-03-03 17:15:00
Design/Logic Flaw
2021-03-03 17:15:00
debiancve
debiancve
CVE-2020-27749
2021-03-03 17:15:00
CVE-2020-27779
2021-03-03 17:15:00
CVE-2021-20225
2021-03-03 17:15:00
cbl_mariner
cbl_mariner
CVE-2020-27749 affecting package grub2 2.06~rc1-7
2022-04-26 20:17:11
CVE-2020-25632 affecting package grub2 2.06~rc1-7
2022-04-26 20:17:11
CVE-2020-25632 affecting package grub2 2.06~rc1-10
2021-05-06 23:56:52
redhatcve
redhatcve
CVE-2020-14372
2021-03-02 18:03:04
CVE-2020-25632
2021-03-02 18:33:21
CVE-2021-20225
2021-03-02 21:13:28
cve
cve
CVE-2020-25632
2021-03-03 17:15:00
CVE-2020-27749
2021-03-03 17:15:00
CVE-2020-25647
2021-03-03 17:15:00
alpinelinux
alpinelinux
CVE-2020-25632
2021-03-03 17:15:00
CVE-2020-14372
2021-03-03 17:15:00
CVE-2021-20233
2021-03-03 17:15:00
ubuntucve
ubuntucve
CVE-2020-25632
2021-03-02 00:00:00
CVE-2020-27779
2021-03-02 00:00:00
CVE-2021-20233
2021-03-02 00:00:00
githubexploit
githubexploit
Exploit for Incomplete List of Disallowed Inputs in Gnu Grub2
2021-04-19 23:36:25
ics
ics
Hitachi Energy APM Edge (Update A)
2022-10-18 12:00:00

8.3 High

AI Score

Confidence

High

JSON
Related for ORACLELINUX_ELSA-2021-0699.NASL
nessus63oraclelinux4fedora6redhat14suse1osv12amazon2almalinux3rocky2debian2archlinux1ibm1ubuntu1photon8hp2rosalinux2mageia2gentoo1redos1mscve1veracode7prion7debiancve7cbl_mariner14redhatcve8cve7alpinelinux7ubuntucve7githubexploit1ics1