shim security update

An update is available for shim-unsigned-aarch64. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The shim package contains a first-stage UEFI boot loader that...

RLSA-2021:1734 Moderate: shim security update

The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. Security Fixes: grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled CVE-2020-14372 grub2: Use-after-free in...

CVE-2020-11284

CVE-2020-11284 describes a memory-protection issue in Qualcomm Snapdragon SoCs where a non-secure bootloader can unlock and modify previously locked memory through an improper system call sequence, making a memory region an untrusted input source for the secure boot loader. Affected platforms inc...

Insecure Usage Of Boot Loader Addresses

Das U-Boot has an insecure usage of addresses in boot loader. The boot loader in Das U-Boot mishandles the use of unit addresses in a FIT...

Arbitrary Code Execution

u-boot is vulnerable to arbitrary ry code execution. The boot loader in Das U-Boot mishandles a modified FIT and allows an attacker to execute arbitrary code on the host OS...

Unspecified Vulnerability in Das U-Boot (CNVD-2021-18393)

Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A security vulnerability exists in versions prior to Das U-Boot 2021.04-rc2, which stems from the loader...

Unspecified Vulnerability in Das U-Boot (CNVD-2021-18392)

Das U-Boot is a boot loader program mainly for embedded systems. The program supports many different computer system architectures such as PPC, ARM, AVR32, MIPS, x86, 68k, Nios and MicroBlaze. A security vulnerability exists in versions prior to Das U-Boot 2021.04-rc2 that stems from the bootload...

Cisco IOS XR Software for Cisco 8000 and NCS 540 Routers Image Verification Vulnerabilities (cisco-sa-ioxr-l-zNhcGCBt)

According to its self-reported version, the Cisco IOS XR Software is affected by multiple vulnerabilities that allow an authenticated, local attacker to execute unsigned code during the boot process, as follows: - A vulnerability in the GRUB boot loader of Cisco NCS 540 Series Routers, only when...

grub2 缓冲区错误漏洞

grub2 is a Linux system boot program from the GNU community. A buffer overflow vulnerability exists in grub2 versions prior to 2.06, which stems from a heap out-of-bounds write vulnerability discovered in shortened form. No details of the vulnerability are provided at this time...

Moderate: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 7.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

Moderate: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled

A flaw was found in grub2. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this...

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

grub2: Heap out-of-bounds write in short form option parser

A flaw was found in grub2. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste...

grub2: Use-after-free in rmmod command

A flaw was found in grub2. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The...

grub2: Out-of-bounds write in grub_usb_device_initialize()

A flaw was found in grub2. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the...

CVE-2020-26200

A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue Disk KRD and was trusted by the Authentication Agent of Full Disk Encryption in Kaspersky Endpoint Security KES...

CVE-2020-26200

A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue Disk KRD and was trusted by the Authentication Agent of Full Disk Encryption in Kaspersky Endpoint Security KES...

Design/Logic Flaw

A component of Kaspersky custom boot loader allowed loading of untrusted UEFI modules due to insufficient check of their authenticity. This component is incorporated in Kaspersky Rescue Disk KRD and was trusted by the Authentication Agent of Full Disk Encryption in Kaspersky Endpoint Security KES...

CVE-2021-27138

The boot loader in Das U-Boot before 2021.04-rc2 mishandles use of unit addresses in a FIT...