SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR May-2024 Release 1, which originates from an authentication bypass in the bootloader...

SUSE-SU-2024:1507-1 Security update for SUSE Manager Server 4.3

This update fixes the following issues: cobbler: - Provide option to use pre-built GRUB bootloader - Prevent parallel executions of cobbler sync actions bsc1218764 image-sync-formula: - Update to version 0.1.1711646883.4a44375 Add missing URL tag Update license to SPDX syntax inter-server-sync: -...

[SECURITY] Fedora 38 Update: grub2-2.06-118.fc38

The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices...

grub2: grub2-set-bootflag can be abused by local (pseudo-)users

A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original grubenv file. If the program is killed before the rename operation, the temporary file will not ...

[SECURITY] Fedora 39 Update: grub2-2.06-120.fc39

The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices...

CVE-2024-32883 MCUboot Injection attack of unprotected TLV values

MCUboot is a secure bootloader for 32-bits microcontrollers. MCUboot uses a TLV tag-length-value structure to represent the meta data associated with an image. The TLVs themselves are divided into two sections, a protected and an unprotected section. The protected TLV entries are included as part...

CVE-2024-32883

MCUboot is affected by an issue where unprotected TLV entries can be injected into a signed image, because the protected/unprotected TLV distinction is not enforced. This can allow an attacker to influence dependency indications or boot records, potentially causing a processed image to be rejecte...

MCUboot 安全漏洞

MCUboot is an open source secure bootloader for 32-bit microcontrollers from mcu-tools. A security vulnerability exists in MCUboot. No information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor announcements...

The vulnerability of the System Recovery Bootloader for Windows operating systems allows attackers to circumvent existing security restrictions and enhance their privileges.

The vulnerability of the System Recovery Bootloader for Windows operating systems is related to errors in processing input data. Exploiting this vulnerability can allow attackers to circumvent existing security restrictions and gain increased privileges...

The vulnerability of the System Recovery Bootloader for Windows operating systems allows a hacker to bypass existing security restrictions and execute arbitrary code.

The vulnerability of the System Recovery Bootloader for Windows operating systems is related to buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to bypass existing security restrictions and execute arbitrary code...

CVE-2024-23593

A vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to modify the boot manager and escalate privileges...

CVE-2024-23593

Technical details about CVE-2024-23593 (Lenovo bootloader privilege escalation) are not provided in the connected documents; monitoring for updates is advised.

CVE-2024-23593

A vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to modify the boot manager and escalate privileges...

CVE-2024-23593

A vulnerability was reported in a system recovery bootloader that was part of the Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 that could allow a privileged attacker with local access to modify the boot manager and escalate privileges...

ROS-20240411-07

A vulnerability in the UEFI shim bootloader is related to errors in the MZ binary format. Exploitation of the vulnerability could allow an attacker to cause a denial of service The shim UEFI bootloader vulnerability is related to out-of-bounds read errors when attempting to check the SBAT...

ROS-20240410-11

The vulnerability of the Grub2 operating system boot loader is related to incomplete clearing of temporary or auxiliary resources. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service...

PC System Recovery Bootloader Vulnerabilities - Lenovo Support US

No description provided...

PT-2024-2999 · Microsoft · Windows 8 +2

Name of the Vulnerable Software and Affected Versions: Lenovo preloaded Windows 7 and 8 operating systems from 2012 to 2014 Description: A vulnerability was reported in a system recovery bootloader that could allow a privileged attacker with local access to modify the boot manager and escalate...

PT-2024-3000 · Microsoft · Windows 7 +2

Name of the Vulnerable Software and Affected Versions: Lenovo preloaded Windows versions 7 through 8 Description: A buffer overflow vulnerability was reported in a system recovery bootloader that could allow a privileged attacker with local access to execute arbitrary code. The vulnerability is...

CVE-2023-48426 Chromecast Bootloader & Kernel-level code-execution including compromise of user-data

u-boot bug that allows for u-boot shell and interrupt over UART...