9 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: grub2 (UTSA-2026-017477)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017477 advisory. A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking, and the code assumes the USB devi...
CVE-2025-61664 affecting package grub2 for versions less than 2.06-16
CVE-2025-61664 affecting package grub2 for versions less than 2.06-16. A patched version of the package is available...
CVE-2024-56737 affecting package grub2 for versions less than 2.06-25
CVE-2024-56737 affecting package grub2 for versions less than 2.06-25. A patched version of the package is available...
CVE-2024-45779 affecting package grub2 for versions less than 2.06-15
CVE-2024-45779 affecting package grub2 for versions less than 2.06-15. A patched version of the package is available...
Linux Distros Unpatched Vulnerability : CVE-2020-14308
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the functio...
AZL-57159 CVE-2025-0690 affecting package grub2 for versions less than 2.06-15
The read command is used to read keyboard input from the user. While reading, it keeps the input length in a 32-bit integer value, which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it's possible to make this variable to...
A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters, which allows an attacker to corrupt memory by one byte for each quote in the input. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
...
grub2 security vulnerability
grub2 is a Linux system boot program from the GNU community. A security vulnerability in versions of grub2 prior to 2.06, where the cutmem command does not support secure boot locking, allows a privileged attacker to remove address ranges from memory, thus giving the opportunity to bypass secure...
PT-2021-5815
Name of the Vulnerable Software and Affected Versions: grub2 versions prior to 2.06. Description: A flaw was found in the menu rendering code of grub2, specifically in the Setparam prefix function, which performs a length calculation on the assumption that expressing a quoted single quote will requi...