Scientific Linux Security Update : grub2 on SL7.x x86_64 (20151215)

A flaw was found in the way the grub2 handled backspace characters entered in username and password prompts. An attacker with access to the system console could use this flaw to bypass grub2 password protection and gain administrative access to the system. CVE-2015-8370 This update also fixes the...

GLSA-201512-03 : GRUB: Authentication bypass

The remote host is affected by the vulnerability described in GLSA-201512-03 GRUB: Authentication bypass An integer underflow in GRUBs username/password authentication code has been discovered. Impact : An attacker with access to the system console may bypass the username prompt by entering a...

CentOS 7 : grub2 (CESA-2015:2623)

Updated grub2 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Integer overflow

Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service disk corruption via backspace characters in the 1 grubusernameget function in grub-core/normal/auth.c or the 2...

grub2 security update

CentOS Errata and Security Advisory CESA-2015:2653 Updated grub2 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base...