CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
32.6%
Software: grub2 2.02
OS: ROSA Virtualization 2.1
package_evr_string: grub2-2.02-148.0.1.rv3
CVE-ID: CVE-2022-2601
BDU-ID: 2022-06819
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the grub_font_construct_glyph() function of the Grub2 operating systems boot loader is related to an operation exceeding buffer boundaries in memory when processing specially designed fonts in pf2 format. Exploitation of the vulnerability could allow an attacker to execute arbitrary code
CVE-STATUS: Fixed
CVE-REV: Execute the yum update grub2 command to close it.
CVE-ID: CVE-2021-3981
BDU-ID: 2023-07627
CVE-Crit: LOW
CVE-DESC.: A vulnerability in the Grub configuration file is related to the default permissions settings. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data
CVE-STATUS: Fixed
CVE-REV: Execute yum update grub2 to close.
CVE-ID: CVE-2021-3697
BDU-ID: 2022-06891
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the Grub configuration file is related to writing beyond buffer boundaries. Exploitation of the vulnerability allows an attacker to gain access to sensitive data, compromise its integrity, and cause a denial of service using a specially crafted JPEG image
CVE-STATUS: Resolved
CVE-REV: Execute yum update grub2 to close.
CVE-ID: CVE-2021-3696
BDU-ID: 2022-06896
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the Grub configuration file is related to writing beyond buffer boundaries. Exploitation of the vulnerability allows an attacker to gain access to sensitive data, compromise its integrity, and cause denial of service
CVE-STATUS: Fixed
CVE-REV: Execute yum update grub2 to close.
CVE-ID: CVE-2021-3695
BDU-ID: 2023-00286
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the Grub configuration file is related to writing beyond buffer boundaries. Exploitation of the vulnerability allows an attacker to gain access to sensitive data, compromise its integrity, and cause denial of service
CVE-STATUS: Fixed
CVE-REV: Execute yum update grub2 to close.
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
32.6%