28 matches found
CVE-2020-14372
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...
Design/Logic Flaw
A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdow...
Arbitrary Code Execution
grub is vulnerable to arbitrary code execution. The ACPI command is incorrectly enabled when Secure Boot is enabled, allowing an attacker to craft a malicious SSDT that overwrites the memory containing the kernel lockdown variable content, resulting in arbitrary code execution...
grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...
Moderate: Red Hat Security Advisory: grub2 security update
An update for grub2 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
CVE-2020-14372
A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...
RHEL 8 : grub2 (RHSA-2021:0698)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0698 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...
PT-2020-6588 · Grub2 +10 · Grub2 +10
Name of the Vulnerable Software and Affected Versions: grub2 versions prior to 2.06 Description: A flaw was found in grub2 where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System...