SUSE CVE-2016-9379

The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file...

SUSE CVE-2016-10277

An elevation of privilege vulnerability in the Motorola bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing...

SUSE CVE-2017-3225

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt...

SUSE CVE-2017-3226

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot's AES-CBC encryption feature using environment encryption i.e., setting the configuration parameter CONFIGENVAES=y read environment variables from disk as the encrypte...

SUSE CVE-2019-14198

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy with a failed length check at nfsreadreply when calling storeblock in the NFSv3 case...

SUSE CVE-2019-14865

A flaw was found in the grub2-set-bootflag utility of grub2. A local attacker could run this utility under resource pressure for example by setting RLIMIT, causing grub2 configuration files to be truncated and leaving the system unbootable on subsequent reboots...

SUSE CVE-2020-15707

Integer overflows were discovered in the functions grubcmdinitrd and grubinitrdinit in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu the functionality is not included in GRUB2 upstream, leading to a heap-based buffer overflow. These could be triggered by an extremely...

SUSE CVE-2021-26347

Failure to validate the integer operand in ASP AMD Secure Processor bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential denial of service...

SUSE CVE-2021-28693

xen/arm: Boot modules are not scrubbed The bootloader will load boot modules e.g. kernel, initramfs... in a temporary area before they are copied by Xen to each domain memory. To ensure sensitive data is not leaked from the modules, Xen must "scrub" them before handing the page over to the...

SUSE CVE-2022-34302

A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader...

SUSE CVE-2022-34303

A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use...

SUSE CVE-2022-34301

A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader...

SUSE CVE-2022-34835

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the doi2cmd function...

The vulnerability of the ASP Bootloader for AMD processors allows a hacker to trigger a system failure.

The vulnerability of the ASP Bootloader for AMD processors arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure remotely...

[SECURITY] [DLA 3312-1] shim security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3312-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort February 08, 2023 https://wiki.debian.org/LTS -...

Pixel Update Bulletin—February 2023Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2023-02-05 or later address all issues in this bulletin and all issues in the February 2023 Android...

CLSA-2023-1674815966 grub2: Fix of 2 CVEs

font: Reject glyphs exceeds font-maxglyphwidth or font-maxglyph height - font: Fix size overflow in grubfontgetglyphinternal - CVE-2022-2601: font: Fix several integer overflows in grubfontconstructglyph - CVE-2022-3775: font: Fix an integer underflow in blitcomb...

GSD-2023-1000860 efi: random: combine bootloader provided RNG seed with RNG protocol output

efi: random: combine bootloader provided RNG seed with RNG protocol output This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit...

CVE-2023-20527

Improper syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory out-of-bounds, potentially leading to a denial-of-service...

CVE-2023-20525

Insufficient syscall input validation in the ASP Bootloader may allow a privileged attacker to read memory outside the bounds of a mapped register potentially leading to a denial of service...