Lucene search

[email protected]NVD:CVE-2020-15707

HistoryJul 29, 2020 - 6:15 p.m.

CVE-2020-15707

2020-07-2918:15:14

CWE-362

CWE-190

[email protected]

web.nvd.nist.gov

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.3%

JSON

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.

Affected configurations

NVD

Node

gnugrub2Range≤2.04

Node

redhatenterprise_linux_atomic_hostMatch-

redhatopenshift_container_platformMatch4.0

redhatenterprise_linuxMatch7.0

redhatenterprise_linuxMatch8.0

Node

microsoftwindows_10Match-

microsoftwindows_10Match1607

microsoftwindows_10Match1709

microsoftwindows_10Match1803

microsoftwindows_10Match1809

microsoftwindows_10Match1903

microsoftwindows_10Match1909

microsoftwindows_10Match2004

microsoftwindows_8.1Match-

microsoftwindows_rt_8.1Match-

microsoftwindows_server_2012Match-

microsoftwindows_server_2012Matchr2

microsoftwindows_server_2016Match-

microsoftwindows_server_2016Match1903

microsoftwindows_server_2016Match1909

microsoftwindows_server_2016Match2004

microsoftwindows_server_2019Match-

Node

canonicalubuntu_linuxMatch14.04esm

canonicalubuntu_linuxMatch16.04esm

canonicalubuntu_linuxMatch18.04lts

canonicalubuntu_linuxMatch20.04lts

Node

debiandebian_linuxMatch10.0

Node

opensuseleapMatch15.1

opensuseleapMatch15.2

susesuse_linux_enterprise_serverMatch11

susesuse_linux_enterprise_serverMatch12

susesuse_linux_enterprise_serverMatch15

Node

netappactive_iq_unified_managerRange9.5≥vmware_vsphere

References

lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html

lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html

ubuntu.com/security/notices/USN-4432-1

www.openwall.com/lists/oss-security/2020/07/29/3

access.redhat.com/security/vulnerabilities/grub2bootloader

lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html

portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011

security.gentoo.org/glsa/202104-05

security.netapp.com/advisory/ntap-20200731-0008/

usn.ubuntu.com/4432-1/

wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass

www.debian.org/security/2020-GRUB-UEFI-SecureBoot

www.debian.org/security/2020/dsa-4735

www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/

www.openwall.com/lists/oss-security/2020/07/29/3

www.suse.com/c/suse-addresses-grub2-secure-boot-issue/

www.suse.com/support/kb/doc/?id=000019673

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.3%

JSON

Related for NVD:CVE-2020-15707