The vulnerability of Grub2 operating system loaders, related to integer overflows in value handling, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Grub2 operating system loader is related to a numerical overflow of the UINT32 value. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

The vulnerability in the implementation of the read_section_as_string() function of the Grub2 operating system allows a attacker to influence data integrity or cause service failures.

The vulnerability of the readsectionasstring function in the Grub2 operating system’s loader is related to the issue of data operations going beyond the buffer boundaries. This is because the maximum length of a UINT32MAX is 1 byte. Exploiting this vulnerability could allow an attacker to influen...

The vulnerability of Grub2 operating system loaders, related to operations occurring outside the data buffer, allows attackers to influence data integrity or cause service failures.

The vulnerability of Grub2 operating system loaders is related to the issue of operations going beyond the data buffer when processing symbolic links. Exploiting this vulnerability can allow an attacker to influence the integrity of data or cause service failures...

The vulnerability in the implementation of the grub_script_function_create() function of the Grub2 operating system allows a perpetrator to gain access to confidential data, affect the integrity of the data, and cause service failures.

The vulnerability of the grubscriptfunctioncreate function, which is part of the Grub2 operating system loader, stems from an error in function overriding. This function is already being executed. Exploiting this vulnerability could allow a perpetrator to access confidential data, compromise data...

The vulnerability of the implementation of the dynamic memory distribution function in the Grub2 operating system’s loader allows a attacker to influence the integrity, confidentiality, and accessibility of information.

The vulnerability of the implementation of the dynamic memory distribution function in the Grub2 operating system’s loader is related to integer overflow. Exploiting this vulnerability could allow an attacker to influence the integrity, confidentiality, and accessibility of information...

CVE-2020-0238

In updatePreferenceIntents of AccountTypePreferenceLoader, there is a possible confused deputy attack due to a race condition. This could lead to local escalation of privilege and launching privileged activities with no additional execution privileges needed. User interaction is not needed for...

PT-2020-11593 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions 8.0 through 10 Description: A logic flaw in the Settings app could lead to a confused deputy attack due to a race condition in the updatePreferenceIntents of AccountTypePreferenceLoader. This could result in local escalation ...

Moderate: Red Hat Security Advisory: grub2 security and bug fix update

An update for grub2, shim, shim-signed, and fwupdate is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

grub2: Fail kernel validation without shim protocol

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim...

AZL-6457 CVE-2020-14309 affecting package grub2 for versions less than 2.06~rc1-7

There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacke...

grub2: Crafted grub.cfg file can lead to arbitrary code execution during boot process

A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access...

Moderate: Red Hat Security Advisory: grub2 security and bug fix update

An update for grub2, shim, shim-signed, and fwupdate is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

Moderate: Red Hat Security Advisory: grub2 security update

An update for grub2, shim, shim-unsigned-x64, and fwupd is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

xml-security: Apache Santuario potentially loads XML parsing code from an untrusted source

In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader first, then this...

CVE-2020-14343

A vulnerability was discovered in the PyYAML library, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw...

Lazarus Group Surfaces with Advanced Malware Framework

The North Korea-linked APT known as Lazarus Group has debuted an advanced, multipurpose malware framework, called MATA, to target Windows, Linux and macOS operating systems. Kaspersky researchers uncovered a series of attacks utilizing MATA so-called because the malware authors themselves call...

MATA: Multi-platform targeted malware framework

As the IT and OT environment becomes more complex, adversaries are quick to adapt their attack strategy. For example, as users work environments diversify, adversaries are busy acquiring the TTPs to infiltrate systems. Recently, we reported to our Threat Intelligence Portal customers a similar...

PyYAML -- arbitrary code execution

A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use the library to process untrusted input may be...

MTN Group: CVE-2018-6389 exploitation - using scripts loader

Issue Description Unauthenticated attackers can cause a denial of service resource consumption by using the large list of registered .js files from wp-includes/script-loader.php to construct a series of requests to load every file many times. The vulnerability is registered as CVE-2018-6389 76172...

Debian DLA-2262-1 : qemu security update

Several vulnerabilities were fixed in qemu, a fast processor emulator. CVE-2020-1983 slirp: Fix use-after-free in ipreass. CVE-2020-13361 es1370transferaudio in hw/audio/es1370.c allowed guest OS users to trigger an out-of-bounds access during an es1370write operation. CVE-2020-13362...