CVE-2023-48426 Chromecast Bootloader & Kernel-level code-execution including compromise of user-data

u-boot bug that allows for u-boot shell and interrupt over UART...

GNU grub2 安全漏洞

GNU GRUB2 is a Linux system bootloader from the American GNU community. GNU GRUB2 suffers from a post-release reuse vulnerability that originates from a confusion in the program's instructions responsible for freeing memory. An attacker could exploit this vulnerability to cause a program crash,...

PT-2024-2945 · Google · Android Pixel

Name of the Vulnerable Software and Affected Versions: Android Pixel versions affected versions not specified Description: The issue is related to an Information Disclosure vulnerability due to uninitialized data. This could lead to local information disclosure with no additional execution...

CVE-2024-28183

ESP-IDF is the development framework for Espressif SoCs supported on Windows, Linux and macOS. A Time-of-Check to Time-of-Use TOCTOU vulnerability was discovered in the implementation of the ESP-IDF bootloader which could allow an attacker with physical access to flash of the device to bypass...

CVE-2024-28183 Anti Rollback bypass with physical access and TOCTOU attack

ESP-IDF is the development framework for Espressif SoCs supported on Windows, Linux and macOS. A Time-of-Check to Time-of-Use TOCTOU vulnerability was discovered in the implementation of the ESP-IDF bootloader which could allow an attacker with physical access to flash of the device to bypass...

CVE-2024-28183 Anti Rollback bypass with physical access and TOCTOU attack

ESP-IDF is the development framework for Espressif SoCs supported on Windows, Linux and macOS. A Time-of-Check to Time-of-Use TOCTOU vulnerability was discovered in the implementation of the ESP-IDF bootloader which could allow an attacker with physical access to flash of the device to bypass...

CVE-2024-28183

CVE-2024-28183 describes a TOCTOU vulnerability in the ESP-IDF bootloader of Espressif SoCs. An attacker with physical access to device flash can bypass anti-rollback protection by altering flash contents after anti-rollback checks but before loading the application, enabling boot of partitions w...

CVE-2024-28183 Anti Rollback bypass with physical access and TOCTOU attack

ESP-IDF is the development framework for Espressif SoCs supported on Windows, Linux and macOS. A Time-of-Check to Time-of-Use TOCTOU vulnerability was discovered in the implementation of the ESP-IDF bootloader which could allow an attacker with physical access to flash of the device to bypass...

Fedora: Security Advisory for grub2 (FEDORA-2024-c1fabee30e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for shim-unsigned-aarch64 (FEDORA-2024-2aa28a4cfc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for shim-unsigned-x64 (FEDORA-2024-2aa28a4cfc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2024-4251

Name of the Vulnerable Software and Affected Versions ESP-IDF versions prior to 4.4.7 ESP-IDF versions prior to 5.2.1 Description A Time-of-Check to Time-of-Use TOCTOU vulnerability was discovered in the implementation of the ESP-IDF bootloader, which could allow an attacker with physical access ...

Fedora: Security Advisory for shim (FEDORA-2024-2aa28a4cfc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: grub2-2.06-116.fc38

The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices...

[SECURITY] Fedora 38 Update: shim-unsigned-aarch64-15.8-2

Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments...

[SECURITY] Fedora 38 Update: shim-unsigned-x64-15.8-2

Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments...

[SECURITY] Fedora 38 Update: shim-15.8-2

Initial UEFI bootloader that handles chaining to a trusted full bootloader under secure boot environments. This package contains the version signed by the UEFI signing service...

[SECURITY] Fedora 39 Update: grub2-2.06-118.fc39

The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices...

Fedora: Security Advisory (FEDORA-2024-097eb22907)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2024-1253 grub2 security update

GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will...