grub2: Heap out-of-bounds write in short form option parser

A flaw was found in grub2. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste...

多款Qualcomm产品缓冲区错误漏洞

The Qualcomm Snapdragon SOC Snapdragon Processor is a chip from Qualcomm Incorporated that is used in mobile devices to process information. A buffer error vulnerability exists in various Qualcomm products. The vulnerability stems from the fact that a non-secure bootloader can unlock and modify...

ASB-A-174490700

In TBD of TBD, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the bootloader, with physical USB access, with no additional execution privileges needed. User interaction is not needed for exploitation...

[SECURITY] Fedora 33 Update: shim-unsigned-x64-15.4-5.fc33

Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments...

Fedora: Security Advisory for shim (FEDORA-2021-cab258a413)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for shim-unsigned-aarch64 (FEDORA-2021-cab258a413)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: shim-15.4-4

Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. This package contains the version signed by the UEFI signing service...

[SECURITY] Fedora 34 Update: shim-unsigned-aarch64-15.4-1.fc34

Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments...

Fedora: Security Advisory for grub2 (FEDORA-2021-c5ed9c3970)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: grub2-2.06~rc1-2.fc34

The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices...

CVE-2021-3418

If certificates that signed grub are installed into db, grub can be booted directly. It will then boot any kernel without signature validation. The booted kernel will think it was booted in secureboot mode and will implement lockdown, yet it could have been tampered. This flaw is a reintroduction...

[slackware-security] Slackware 14.2 kernel

New kernel packages are available for Slackware 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/linux-4.4.261/: Upgraded. These updates fix various bugs and security issues, including the recently announced iSCSI vulnerabilities allowing local...

SUSE-SU-2021:0777-1 Security update for s390-tools

This update for s390-tools fixes the following issues: - Fixed an issue where IPL was not working when bootloader was installed on a SCSI disk with 4k physical blocksize without using a devicemapper target bsc1183041. - CVE-2021-25316: Do not use predictable temporary file names bsc1182777. - Mad...

SUSE-SU-2021:0776-1 Security update for s390-tools

This update for s390-tools fixes the following issues: - Fixed an issue where IPL was not working when bootloader was installed on a SCSI disk with 4k physical blocksize without using a devicemapper target bsc1183041. - CVE-2021-25316: Do not use predictable temporary file names bsc1182777. - Mad...

A flaw was found in grub2 in versions prior to 2.06 where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

...

DEBIAN-CVE-2021-20233

A flaw was found in grub2 in versions prior to 2.06. Setparamprefix in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one...

grub2 资源管理错误漏洞

grub2 is a Linux system boot program from the GNU community. A resource management error vulnerability exists in grub2 versions prior to 2.06, which stems from the rmmod command. No details of the vulnerability are provided at this time...

grub2 缓冲区错误漏洞

grub2 is a Linux system boot program from the GNU community. A buffer overflow vulnerability exists in grub2 versions prior to 2.06 in the grubusbdeviceinitialize function, which handles USB device initialization. No details of the vulnerability are provided at this time...

Debian DSA-4867-1 : grub2 - security update

Several vulnerabilities have been discovered in the GRUB2 bootloader. - CVE-2020-14372 It was discovered that the acpi command allows a privileged user to load crafted ACPI tables when Secure Boot is enabled. - CVE-2020-25632 A use-after-free vulnerability was found in the rmmod command. -...

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...