20 matches found
Astra Linux - vulnerability in grub2
A flaw was discovered in the HFS filesystem. When reading the name of an HFS volume during the grub_fs_mount function, the HFS filesystem driver uses the user-provided volume name as input without properly verifying the length of that name. This issue may lead to a heap-based out-of-bounds write...
EulerOS Virtualization 2.10.1 : grub2 (EulerOS-SA-2026-1119)
According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003007)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003007 advisory. Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line...
PT-2026-2658
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to February 2026 Patch Tuesday updates Description: A vulnerability exists in the Desktop Window Manager component of Microsoft Windows that can lead to the disclosure of sensitive information to an unauthorized...
EUVD-2025-4787
Malicious code in bioql PyPI...
EulerOS 2.0 SP11 : grub2 (EulerOS-SA-2025-1928)
According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers...
Linux Distros Unpatched Vulnerability : CVE-2020-15780
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by...
AZL-57614 CVE-2024-45780 affecting package grub2 for versions less than 2.06-15
A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap...
CVE-2024-45780
Grub2 TAR handling flaw (CVE-2024-45780): when reading tar files, grub2 may overflow allocation size due to integer overflow, causing a heap OOB write and potentially bypassing secure boot. Affected: grub2; Root cause: unchecked allocation length; Impact: confidentiality/integrity/availability hi...
DEBIAN-CVE-2024-45776
When reading the language .mo file in grub_mofile_open, grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data o...
CVE-2024-45776 Grub2: grub-core/gettext: integer overflow leads to heap oob write and read.
When reading the language .mo file in grub_mofile_open, grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data o...
CVE-2024-45774
A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded...
CVE-2024-45774
A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded...
CVE-2024-45774
CVE-2024-45774 affects grub2 (GRUB) with a heap out-of-bounds write in the JPEG parser caused by improper internal-buffer bounds checks. The issue can lead to leakage or overwrite of sensitive data and potentially bypass secure boot protections. Affected packages are grub2; multiple sources indic...
CVE-2024-45774 Grub2: reader/jpeg: heap oob write during jpeg parsing
A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded...
CVE-2024-45774
A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded...
PT-2025-6687 · Grub2 +5 · Grub2 +5
Name of the Vulnerable Software and Affected Versions: grub2 affected versions not specified Description: A flaw was found in grub2, where a specially crafted JPEG file can cause the JPEG parser to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. This cou...
PT-2024-37720 · Renesas +1 · R-Car Gen3 +1
Name of the Vulnerable Software and Affected Versions: Renesas R-Car Gen3 versions affected versions not specified Description: The issue is caused by a buffer overflow in the rcar_dev_init function due to the use of untrusted data rcar_image_number as a loop counter before verifying it against...
grub2: Stack buffer overflow in grub_parser_split_cmdline()
A flaw was found in grub2. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with...
grub2: Stack buffer overflow in grub_parser_split_cmdline()
A flaw was found in grub2. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with...