Check Point Response to CVE-2020-10713 - GRUB2 bootloader is vulnerable to buffer overflow

Symptoms - CVE-2020-10713 states: "The GRUB2 boot loader is vulnerable to buffer overflow, which results in arbitrary code execution during the boot process, even when Secure Boot is enabled." For more information, refer to https://www.kb.cert.org/vuls/id/174059. Solution Gaia OS versions R81.10...

Grub2 Input Validation Error Vulnerability

grub2 is a Linux system bootloader from the GNU Project. An input validation error vulnerability exists in grub2 versions prior to 2.06. The vulnerability originates from a networked system or product that does not properly validate incoming data. No details of the vulnerability are provided at...

The vulnerability of the Grub.cfg configuration file of Grub2 operating system loaders, related to memory buffer overflow, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Grub.cfg configuration file of Grub2 operating systems is related to errors in eliminating certain elements. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

ALPINE-CVE-2020-10713

A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access...

grub2: Use-after-free redefining a function whilst the same function is already executing

GRUB2 contains a race condition in grubscriptfunctioncreate leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2...

Moderate: Red Hat Security Advisory: grub2 security and bug fix update

An update for grub2, shim, shim-signed, and fwupdate is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

grub2: Fail kernel validation without shim protocol

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim...

grub2: Integer overflow in grub_ext2_read_link leads to heap-based buffer overflow

A flaw was found in grub2 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32MAX causes an arithmetic overflow, leading to a zero-sized memory allocation with a subsequent heap-based buffer overflow. The highest threat from this...

grub2: Integer overflow in initrd size handling

Integer overflows were discovered in the functions grubcmdinitrd and grubinitrdinit in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu the functionality is not included in GRUB2 upstream, leading to a heap-based buffer overflow. These could be triggered by an extremely...

grub2: Fail kernel validation without shim protocol

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim...

Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems

A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide—including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system. Dubbed 'BootHole ' and tracked as...

Critical GRUB2 Bootloader Bug Affects Billions of Linux and Windows Systems

A team of cybersecurity researchers today disclosed details of a new high-risk vulnerability affecting billions of devices worldwide—including servers and workstations, laptops, desktops, and IoT systems running nearly any Linux distribution or Windows system. Dubbed 'BootHole' and tracked as...

grub2: Integer overflow in grub_squash_read_symlink may lead to heap-based buffer overflow

A flaw was found in grub2. When handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size, the name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data. The highes...

DEBIAN-CVE-2020-15706

GRUB2 contains a race condition in grubscriptfunctioncreate leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2...

UBUNTU-CVE-2020-15707

Integer overflows were discovered in the functions grubcmdinitrd and grubinitrdinit in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu the functionality is not included in GRUB2 upstream, leading to a heap-based buffer overflow. These could be triggered by an extremely...

[SECURITY] [DSA 4735-1] grub2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4735-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez July 29, 2020 https://www.debian.org/security/faq -...

PT-2020-6737 · Grub2 +7 · Grub2 +7

Name of the Vulnerable Software and Affected Versions: GRUB2 versions 2.04 and prior Description: The issue is related to an incorrect validation of cryptographic signatures in the GRUB2 bootloader, which can allow an attacker to bypass secure boot and execute arbitrary code, gaining full control...

PT-2020-3312 · Gnu +8 · Grub2 +8

The vulnerable software is GRUB2, a widely used bootloader for Linux and other operating systems. The affected versions are prior to 2.06. The issue is caused by a buffer overflow in the GRUB2 configuration file, which can be exploited by attackers to gain arbitrary code execution during the boot...

CVE-2020-13896

The web interface of Maipu MP1800X-50 7.5.3.14R devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime...

Cisco IOS XE Command Injection Vulnerability (CNVD-2020-31959)

Cisco IOS XE is the United States Cisco Cisco company's set of operating system developed for its network equipment. A command injection vulnerability exists in the handling of bootloader options in Cisco IOS XE Software, which arises from insufficient validation of input information when handlin...