21 matches found
Astra Linux – Vulnerability in grub2
There is a use-after-free vulnerability in the grubcmdchainloader function. The chainloader command is used to boot up operating systems that do not support multiboot and do not have direct support from GRUB2. When executing chainloader more than once, a use-after-free vulnerability is triggered...
Linux Distros Unpatched Vulnerability : CVE-2022-28736
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There's a use-after-free vulnerability in grubcmdchainloader function; The chainloader command is used to boot up operating systems that doesn't support multibo...
The vulnerability of the grub_cmd_chainloader() function, a loader for the Grub2 operating system, allows a hacker to gain access to confidential data and execute arbitrary code.
The vulnerability of the grubcmdchainloader function, a loader for the Grub2 operating system, is related to the repeated execution of the Chainloader command and the exploitation of the use-after-free vulnerability. Exploiting this vulnerability can allow an attacker to access confidential data...
There's a use-after-free vulnerability in grub_cmd_chainloader() function
...
AZL-27554 CVE-2022-28736 affecting package grub2 for versions less than 2.06-12
There's a use-after-free vulnerability in grubcmdchainloader function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If a...
CVE-2022-28736
There's a use-after-free vulnerability in grubcmdchainloader function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If a...
DEBIAN-CVE-2022-28736
There's a use-after-free vulnerability in grubcmdchainloader function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If a...
AZL-34791 CVE-2022-28736 affecting package grub2 for versions less than 2.06-14
There's a use-after-free vulnerability in grubcmdchainloader function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If a...
UBUNTU-CVE-2022-28736
There's a use-after-free vulnerability in grubcmdchainloader function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If a...
CVE-2022-28736
There's a use-after-free vulnerability in grubcmdchainloader function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If a...
SUSE CVE-2022-28736
There's a use-after-free vulnerability in grubcmdchainloader function; The chainloader command is used to boot up operating systems that doesn't support multiboot and do not have direct support from GRUB2. When executing chainloader more than once a use-after-free vulnerability is triggered. If a...
OESA-2022-1734 grub2 security update
GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn. Security Fixes: A flaw was found in grub2 when handling split HTTP headers. While processing a split HTTP header, grub2 wrongly advanc...
grub2: use-after-free in grub_cmd_chainloader()
A use-after-free vulnerability was found on grub2's chainloader command. This flaw allows an attacker to gain access to restricted data or cause arbitrary code execution if they can establish control from grub's memory allocation pattern...
grub2: use-after-free in grub_cmd_chainloader()
A use-after-free vulnerability was found on grub2's chainloader command. This flaw allows an attacker to gain access to restricted data or cause arbitrary code execution if they can establish control from grub's memory allocation pattern...
grub2: use-after-free in grub_cmd_chainloader()
A use-after-free vulnerability was found on grub2's chainloader command. This flaw allows an attacker to gain access to restricted data or cause arbitrary code execution if they can establish control from grub's memory allocation pattern...
grub2: use-after-free in grub_cmd_chainloader()
A use-after-free vulnerability was found on grub2's chainloader command. This flaw allows an attacker to gain access to restricted data or cause arbitrary code execution if they can establish control from grub's memory allocation pattern...
grub2: use-after-free in grub_cmd_chainloader()
A use-after-free vulnerability was found on grub2's chainloader command. This flaw allows an attacker to gain access to restricted data or cause arbitrary code execution if they can establish control from grub's memory allocation pattern...
SUSE: Security Advisory (SUSE-SU-2022:2038-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-28736
A use-after-free vulnerability was found on grub2's chainloader command. This flaw allows an attacker to gain access to restricted data or cause arbitrary code execution if they can establish control from grub's memory allocation pattern...
Fedora 30 : php-twig (2019-874015ee38)
Version 1.38.2 2019-03-12 - added TemplateWrapper::getTemplateName ---- Version 1.38.1 2019-03-12 - fixed class aliases ---- Version 1.38.0 2019-03-12 - fixed sandbox security issue under some circumstances, calling the toString method on an object was possible even if not allowed by the security...