13 matches found
CVE-2023-4949
An attacker with local access to a system either through a disk or external drive can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation...
EUVD-2023-38406
Malicious code in bioql PyPI...
ALPINE-CVE-2023-34325
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...
Stack overflow
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...
UBUNTU-CVE-2023-34325
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...
CVE-2023-34325 Multiple vulnerabilities in libfsimage disk handling
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...
CVE-2023-34325
CVE-2023-34325 concerns Xen’s copy of libfsimage (derived from grub) used by pygrub. A stack buffer overflow can be triggered by guest-controlled input when pygrub runs with superuser privileges in a privileged domain. Xen notes patches to run pygrub in deprivileged mode to avoid exploitation. CV...
CVE-2023-4949
An attacker with local access to a system either through a disk or external drive can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation...
CVE-2023-4949
An attacker with local access to a system either through a disk or external drive can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation...
CVE-2023-4949 Memory Corruption Vulnerability in Grub-Legacy's XFS Implementation
An attacker with local access to a system either through a disk or external drive can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation...
CVE-2023-4949 Memory Corruption Vulnerability in Grub-Legacy's XFS Implementation
An attacker with local access to a system either through a disk or external drive can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file system implementation...
CVE-2023-4949
CVE-2023-4949 involves a memory corruption vulnerability in grub-legacy’s XFS filesystem handling when a modified XFS partition is presented to grub by an attacker with local system access. Affected component: grub-legacy’s XFS file system implementation (via libfsimage/pygrub code paths). Impact...
Multiple vulnerabilities in libfsimage disk handling
ISSUE DESCRIPTION libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the same user as the toolstack root in a priviledged domain. At least one issue has been reported to the Xen...