8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
Low
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
26.3%
Grub loader vulnerability is related to out-of-bounds writes when processing delimited headers
HTTP. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of
denial of service
A vulnerability in the grub_cmd_chainloader() function of the Grub operating system loader program is related to
Chainloader command restart and triggering a use-after-free vulnerability. Exploitation
exploitation of the vulnerability may allow an attacker to gain access to confidential data and execute arbitrary code.
code.
Grub configuration file vulnerability is related to writing outside of buffer boundaries. Exploitation of the vulnerability
allows an attacker to gain access to sensitive data, compromise its integrity, and cause a
denial of service
Vulnerability of grub_net_recv_ip4_packets function of Grub operating systems loader program is related to
integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely,
execute arbitrary code by sending specially crafted IP packets
A vulnerability in the shim_lock component of the Grub boot loader is related to the loading of non-core files into a shim-enabled secure boot system.
shim-enabled secure boot system. Exploitation of the vulnerability could allow an attacker to break the secure boot trust chain.
secure boot trust chain
Grub configuration file vulnerability is related to writing outside buffer boundaries. Exploitation of the vulnerability
allows an attacker to gain access to sensitive data, compromise its integrity, and cause a
denial of service using a specially crafted JPEG image
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
redos | 7.3 | x86_64 | grub2-common | <= 2.06-55 | UNKNOWN |
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
Low
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
26.3%