RLSA-2022:5095 Important: grub2, mokutil, shim, and shim-unsigned-x64 security update

The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a...

grub2, mokutil, shim, and shim-unsigned-x64 security update

An update is available for grub2, shim, shim-unsigned-x64, mokutil. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The grub2 packages provide version 2 of the...

Important: grub2, mokutil, shim, and shim-unsigned-x64 security update

The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a...

ALSA-2022:5099 Important: grub2, mokutil, shim, and shim-unsigned-x64 security update

The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. The shim package contains a...

DEBIAN-CVE-2022-30790

Das U-Boot 2022.01 has a Buffer Overflow, a different issue than CVE-2022-30552...

DEBIAN-CVE-2022-30552

Das U-Boot 2022.01 has a Buffer Overflow...

Das U-Boot 缓冲区错误漏洞

Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A security vulnerability exists in Das U-Boot 2022.01 and earlier versions, which stems from the...

grub2 缓冲区错误漏洞

grub2 is a Linux system boot program from the US GNU community. A buffer error vulnerability exists in grub2 that stems from an out-of-bounds write when handling split HTTP headers...

grub2 数据伪造问题漏洞

grub2 is a Linux system boot program from the US GNU community. A data forgery issue vulnerability exists in grub2 that stems from the shimlock validator allowing non-kernel files to be loaded...

Das U-Boot 安全漏洞

Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A security vulnerability exists in Das U-Boot, which stems from nfslookupreply in net/nfs.c having an infinite...

CVE-2021-26361

A malicious or compromised User Application UApp or AGESA Boot Loader ABL could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure...

Information disclosure

A malicious or compromised User Application UApp or AGESA Boot Loader ABL could be used by an attacker to exfiltrate arbitrary memory from the ASP stage 2 bootloader potentially leading to information disclosure...

PT-2022-9737 · Amd · Agesa Boot Loader +1

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A malicious or compromised User Application UApp or AGESA Boot Loader ABL could be used by an attacker to exfiltrate arbitrary memory from the ASP stage...

CVE-2022-23822

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader FSBL by bypassing authentication and loading a malicious image onto the device. This in turn may further allow the attacker to perform additional attacks such as such as using the device as a...

CVE-2022-23822

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader FSBL by bypassing authentication and loading a malicious image onto the device. This in turn may further allow the attacker to perform additional attacks such as such as using the device as a...

CVE-2022-23822

CVE-2022-23822 concerns the Zynq-7000 SoC First Stage Boot Loader (FSBL). A physical attack may bypass FSBL authentication and load a malicious image onto the device, enabling the attacker to perform further actions such as using the device as a decryption oracle. The NVD entry notes a mitigation...

CVE-2022-23822

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader FSBL by bypassing authentication and loading a malicious image onto the device. This in turn may further allow the attacker to perform additional attacks such as such as using the device as a...

CVE-2022-23822

In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot Loader FSBL by bypassing authentication and loading a malicious image onto the device. This in turn may further allow the attacker to perform additional attacks such as such as using the device as a...

Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities (cisco-sa-cdb-cmicr-vulns-KJjFtNb)

According to its self-reported version, Cisco Catalyst Digital Building Series Switches and Cisco Catalyst Micro Switches Vulnerabilities is affected by the following vulnerabilities: - A denial of service DoS vulnerability exists in the boot loader. An unauthenticated, physical attacker can...

Samsung Ldfw 缓冲区错误漏洞

Samsung Ldfw is a loadable firmware from Samsung South Korea. A security vulnerability exists in Samsung LDFW and BL31 that stems from incorrect boundary checking of the LDFW and BL31 security logs, allowing an attacker to arbitrarily write to memory and execute code...