Design/Logic Flaw

An authenticated attacker can impact the integrity of the ArubaOS bootloader on 7xxx series controllers. Successful exploitation can compromise the hardware chain of trust on the impacted controller...

Design/Logic Flaw

A vulnerability exists in the ArubaOS bootloader on 7xxx series controllers which can result in a denial of service DoS condition on an impacted system. A successful attacker can cause a system hang which can only be resolved via a power cycle of the impacted controller...

grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass

A flaw was found where a maliciously crafted pf2 font could lead to an out-of-bounds write in grub2. A successful attack can lead to memory corruption and secure boot circumvention...

[SECURITY] Fedora 35 Update: grub2-2.06-14.fc35

The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices...

Fedora: Security Advisory for grub2 (FEDORA-2022-f86e203baf)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

The vulnerability of the Grub configuration file allows a perpetrator to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Grub configuration file is related to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

[SECURITY] Fedora 37 Update: grub2-2.06-63.fc37

The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices...

The vulnerability of the grub_font_construct_glyph() function, a loader for the Grub2 operating system, allows a hacker to execute arbitrary code.

The vulnerability of the grubfontconstructglyph function, a part of the Grub2 operating system loader, is related to the issue where an operation goes beyond the buffer boundaries in memory when processing specially formatted glyphs in the pf2 format. Exploiting this vulnerability allows an...

CVE-2022-37908

An authenticated attacker can impact the integrity of the ArubaOS bootloader on 7xxx series controllers. Successful exploitation can compromise the hardware chain of trust on the impacted controller...

CVE-2022-37908

An authenticated attacker can impact the integrity of the ArubaOS bootloader on 7xxx series controllers. Successful exploitation can compromise the hardware chain of trust on the impacted controller...

CVE-2022-37908

CVE-2022-37908 affects ArubaOS bootloader on Aruba 7xxx series controllers. The root cause, as described in connected sources, is a bootloader integrity issue that allows an authenticated attacker to impact the integrity of the bootloader and, consequently, compromise the hardware chain of trust ...

CVE-2022-37907

ArubaOS bootloader on 7xxx series Mobility Controllers is affected by a DoS vulnerability that can cause a system hang requiring a power cycle. The issue stems from the bootloader and impacts availability (CVE-2022-37907). The public description consistently states DoS as the outcome; explicit ex...

CVE-2022-37907

A vulnerability exists in the ArubaOS bootloader on 7xxx series controllers which can result in a denial of service DoS condition on an impacted system. A successful attacker can cause a system hang which can only be resolved via a power cycle of the impacted controller...

CVE-2022-3675

Fedora CoreOS supports setting a GRUB bootloader password using a Butane config. When this feature is enabled, GRUB requires a password to access the GRUB command-line, modify kernel command-line arguments, or boot non-default OSTree deployments. Recent Fedora CoreOS releases have a...

Default credentials

Fedora CoreOS supports setting a GRUB bootloader password using a Butane config. When this feature is enabled, GRUB requires a password to access the GRUB command-line, modify kernel command-line arguments, or boot non-default OSTree deployments. Recent Fedora CoreOS releases have a...

CVE-2022-3675

Fedora CoreOS supports setting a GRUB bootloader password using a Butane config. When this feature is enabled, GRUB requires a password to access the GRUB command-line, modify kernel command-line arguments, or boot non-default OSTree deployments. Recent Fedora CoreOS releases have a...

CVE-2022-3675

Fedora CoreOS supports setting a GRUB bootloader password using a Butane config. When this feature is enabled, GRUB requires a password to access the GRUB command-line, modify kernel command-line arguments, or boot non-default OSTree deployments. Recent Fedora CoreOS releases have a...

CVE-2022-3675

CVE-2022-3675 affects Fedora CoreOS where a misconfiguration in GRUB password handling allows booting non-default OSTree deployments without entering a password, potentially reverting security fixes. Affected behavior: GRUB password protects access to GRUB CLI and kernel cmdline modifications, bu...

Nokia ASIK AirScale System Module

1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION: Low attack complexity Vendor: Nokia Equipment: ASIK AirScale 5G Common System Module Vulnerabilities: Improper Access Control for Volatile Memory Containing Boot Code, Assumed-Immutable Data is Stored in Writable Memory 2. RISK EVALUATION Successful...

PT-2022-24141 · Aruba · Arubaos

Name of the Vulnerable Software and Affected Versions: ArubaOS versions on 7xxx series controllers affected versions not specified Description: A denial of service DoS condition can occur on an impacted system due to a vulnerability in the ArubaOS bootloader. This can cause a system hang that can...