1769 matches found

BDU FSTEC
added 2022/06/29 12:0 a.m. · 0 views

A vulnerability in the first-stage bootloader of ESP32 microcontroller firmware allows an attacker to obtain secure boot keys.

The vulnerability in the first-stage Secure Boot loader of ESP32 microcontroller firmware is related to insufficient handling of exceptional conditions. Exploiting this vulnerability can allow attackers to obtain secure boot keys...

CVSS 4.9 · EPSS 0.00155
Exploits: 0 · References: 2
Positive Technologies
added 2022/06/22 12:0 a.m. · 2 views

PT-2022-3178 · Honeywell +1 · Honeywell Experion Pks Safety Manager +1

Name of the Vulnerable Software and Affected Versions: Honeywell Experion PKS Safety Manager version 5.02

Description: The issue is related to the use of hard-coded credentials in the Honeywell Experion PKS Safety Manager. The affected component is the POLO bootloader. An attacker with access to...

CVSS 7.8 · AI score 4.4 · EPSS 0.00095
Exploits: 0 · References: 9
OSV
added 2022/06/21 2:39 p.m. · 4 views

CLSA-2022-1655822366 Update of grub2

Use CloudLinux vendor cert...

AI score 5.8
Exploits: 0 · References: 1
OSV
added 2022/06/21 2:17 p.m. · 2 views

CLSA-2022-1655821067 Update of grub2

Use CloudLinux vendor cert...

AI score 5.8
Exploits: 0 · References: 1
OpenVAS
added 2022/06/19 12:0 a.m. · 9 views

Fedora: Security Advisory for shim-unsigned-aarch64 (FEDORA-2022-98830efc68)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.8 · AI score 7.9 · EPSS 0.00024
Exploits: 0 · References: 2
OpenVAS
added 2022/06/19 12:0 a.m. · 8 views

Fedora: Security Advisory for shim (FEDORA-2022-98830efc68)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.8 · AI score 7.9 · EPSS 0.00024
Exploits: 0 · References: 2
OpenVAS
added 2022/06/19 12:0 a.m. · 12 views

Fedora: Security Advisory for shim-unsigned-x64 (FEDORA-2022-98830efc68)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.8 · AI score 7.9 · EPSS 0.00024
Exploits: 0 · References: 2
Fedora
added 2022/06/17 1:20 a.m. · 25 views

[SECURITY] Fedora 35 Update: shim-unsigned-x64-15.6-1

Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments...

CVSS 7.8 · AI score 1.6 · EPSS 0.00024
Exploits: 0
Fedora
added 2022/06/17 1:20 a.m. · 29 views

[SECURITY] Fedora 35 Update: shim-15.6-1

Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. This package contains the version signed by the UEFI signing service...

CVSS 7.8 · AI score 3.4 · EPSS 0.00024
Exploits: 0
RedHat Linux
added 2022/06/16 3:49 p.m. · 3 views

grub2: shim_lock verifier allows non-kernel files to be loaded

A flaw was found in grub2. The shimlock verifier from grub2 allows non-kernel files to be loaded when secure boot is enabled, giving the possibility of unverified code or modules to be loaded when it should not be allowed...

CVSS 7.8 · AI score 7.3 · EPSS 0.00019
Exploits: 0 · References: 4
RedHat Linux
added 2022/06/16 3:39 p.m. · 2 views

grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap

A flaw was found in grub2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of grub2's memory, leading to possible code execution and the circumvention of the secure boot mechanism...

CVSS 4.5 · AI score 7.7 · EPSS 0.0006
Exploits: 0 · References: 4
RedHat Linux
added 2022/06/16 3:39 p.m. · 2 views

grub2: Out-of-bound write when handling split HTTP headers

A flaw was found in grub2 when handling split HTTP headers. While processing a split HTTP header, grub2 wrongly advances its control pointer to the internal buffer by one position, which can lead to an out-of-bounds write. This flaw allows an attacker to leverage this issue by crafting a maliciou...

CVSS 8.1 · AI score 7.4 · EPSS 0.00151
Exploits: 0 · References: 4
RedHat Linux
added 2022/06/16 3:26 p.m. · 3 views

grub2: Out-of-bound write when handling split HTTP headers

A flaw was found in grub2 when handling split HTTP headers. While processing a split HTTP header, grub2 wrongly advances its control pointer to the internal buffer by one position, which can lead to an out-of-bounds write. This flaw allows an attacker to leverage this issue by crafting a maliciou...

CVSS 8.1 · AI score 7.4 · EPSS 0.00151
Exploits: 0 · References: 4
RedHat Linux
added 2022/06/16 3:26 p.m. · 1 views

grub2: shim_lock verifier allows non-kernel files to be loaded

A flaw was found in grub2. The shimlock verifier from grub2 allows non-kernel files to be loaded when secure boot is enabled, giving the possibility of unverified code or modules to be loaded when it should not be allowed...

CVSS 7.8 · AI score 7.3 · EPSS 0.00019
Exploits: 0 · References: 4
RedHat Linux
added 2022/06/16 2:57 p.m. · 4 views

grub2: shim_lock verifier allows non-kernel files to be loaded

A flaw was found in grub2. The shimlock verifier from grub2 allows non-kernel files to be loaded when secure boot is enabled, giving the possibility of unverified code or modules to be loaded when it should not be allowed...

CVSS 7.8 · AI score 7.3 · EPSS 0.00019
Exploits: 0 · References: 4
RedHat Linux
added 2022/06/16 1:52 p.m. · 3 views

grub2: shim_lock verifier allows non-kernel files to be loaded

A flaw was found in grub2. The shimlock verifier from grub2 allows non-kernel files to be loaded when secure boot is enabled, giving the possibility of unverified code or modules to be loaded when it should not be allowed...

CVSS 7.8 · AI score 7.3 · EPSS 0.00019
Exploits: 0 · References: 4
RedHat Linux
added 2022/06/16 1:52 p.m. · 4 views

grub2: Crafted PNG grayscale images may lead to out-of-bounds write in heap

A flaw was found in grub2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of grub2's memory, leading to possible code execution and the circumvention of the secure boot mechanism...

CVSS 4.5 · AI score 7.7 · EPSS 0.0006
Exploits: 0 · References: 4
CNVD
added 2022/06/14 12:0 a.m. · 18 views

Google Android Information Disclosure Vulnerability (CNVD-2022-62203)

Google Android is a Linux-based open source operating system from Google, Inc. Bootloader is one of the bootloaders. The vulnerability stems from incorrect boundary checking, which could lead to out-of-bounds reads. An attacker could exploit the vulnerability to obtain sensitive information...

CVSS 4.9 · AI score 3.3 · EPSS 0.00016
Exploits: 0 · References: 1
OpenVAS
added 2022/06/11 12:0 a.m. · 21 views

Fedora: Security Advisory for grub2 (FEDORA-2022-27932fdd06)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 8.1 · AI score 6.8 · EPSS 0.00151
Exploits: 0 · References: 2
Fedora
added 2022/06/10 1:15 a.m. · 55 views

[SECURITY] Fedora 36 Update: grub2-2.06-42.fc36

The GRand Unified Bootloader (GRUB) is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices...

CVSS 8.1 · AI score 1.5 · EPSS 0.00151
Exploits: 0