Lucene search
K

28 matches found

NVD
NVD
added 2021/03/03 5:15 p.m.19 views

CVE-2020-14372

A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...

7.5CVSS0.01738EPSS
Exploits0References5
Prion
Prion
added 2021/03/03 5:15 p.m.32 views

Design/Logic Flaw

A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...

6.2CVSS7AI score0.01738EPSS
Exploits0References5Affected Software7
Veracode
Veracode
added 2021/03/03 3:42 a.m.32 views

Arbitrary Code Execution

grub is vulnerable to arbitrary code execution. The ACPI command is incorrectly enabled when Secure Boot is enabled, allowing an attacker to craft a malicious SSDT that overwrites the memory containing the kernel lockdown variable content, resulting in arbitrary code execution...

7.5CVSS5.3AI score0.01738EPSS
Exploits0References7Affected Software3
RedHat Linux
RedHat Linux
added 2021/03/02 7:55 p.m.3 views

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

7.5CVSS5.8AI score0.01738EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/03/02 7:28 p.m.95 views

Moderate: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

8.2CVSS7AI score0.01738EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2021/03/02 6:3 p.m.50 views

CVE-2020-14372

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

7.5CVSS7.2AI score0.01738EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/03/02 12:0 a.m.48 views

RHEL 8 : grub2 (RHSA-2021:0698)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0698 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...

8.2CVSS7.5AI score0.01738EPSS
Exploits0References18
Positive Technologies
Positive Technologies
added 2020/08/27 12:0 a.m.14 views

PT-2020-6588 · Grub2 +10 · Grub2 +10

Name of the Vulnerable Software and Affected Versions: grub2 versions prior to 2.06 Description: A flaw was found in grub2 where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System...

8.2CVSS6.9AI score0.04153EPSS
Exploits2References172
Rows per page
Query Builder