45 matches found
Oracle Linux 7 : grub2 (ELSA-2026-5233)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5233 advisory. - Unregister gettext command on module unload CVE-2025-61662Orabug: 39112125 - Fix OOB write in grubnetsearchconfigfile CVE-2025-0624 Orabug: 37770226 - Add to...
TencentOS Server 3: grub2, mokutil, shim, and shim-unsigned-x64 (TSSA-2022:0134)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0134 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CLSA-2024-1724266264 grub2: Fix of 12 CVEs
Fix package version number - Use CloudLinux vendor cert - Make this package installable only on a system having Cloudlinux signed components: grub2 and kernel - Add patches from centos-8.5 ELS: - CVE-2021-3695: out-of-bounds write in the heap area by a crafted 16-bit grayscale PNG image -...
CBL Mariner 2.0 Security Update: grub2 (CVE-2021-3696)
The version of grub2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-3696 advisory. - A heap out-of-bounds write May heppen during the handling of Huffman tables in the PNG reader. This may lead t...
Oracle Linux 8 : grub2 (ELSA-2022-9471)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9471 advisory. - Add CVE-2022-28736 to the list JIRA: OLDIS-16371 - Fix: CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735...
Amazon Linux 2023 : grub2-common, grub2-efi-aa64, grub2-efi-aa64-cdboot (ALAS2023-2023-020)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-020 advisory. A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of the grub2's...
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2883)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AlmaLinux 9 : grub2, mokutil, shim, and shim-unsigned-x64 (ALSA-2022:5099)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5099 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2611)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2562)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.0 : grub2 (EulerOS-SA-2022-2562)
According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects...
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2381)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2318)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-2255)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Rocky Linux 8 : grub2, mokutil, shim, and shim-unsigned-x64 (RLSA-2022:5095)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5095 advisory. - A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space...
AZL-31035 CVE-2021-3696 affecting package grub2 for versions less than 2.06-12
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of...
CVE-2021-3696
A heap out-of-bounds write may heppen during the handling of Huffman tables in the PNG reader. This may lead to data corruption in the heap space. Confidentiality, Integrity and Availablity impact may be considered Low as it's very complex to an attacker control the encoding and positioning of...
CVE-2021-3696
CVE-2021-3696 = heap out-of-bounds write during Huffman table handling in grub2’s PNG reader, causing potential heap corruption. Affected: grub2 before patch grub-2.12; implications listed as Low/Low/Low in some sources, with potential for data corruption and, in theory, arbitrary code execution ...
Oracle Linux 8 : grub2, / mokutil, / shim, / and / shim-unsigned-x64 (ELSA-2022-5095)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5095 advisory. - Add CVE-2020-15706, CVE-2020-15707 to the list Orabug: 31225072 - CVE-2022-28736 CVE-2022-28735 CVE-2022-28734 CVE-2022-28733 - CVE-2021-3697...
Important: Red Hat Security Advisory: grub2, mokutil, shim, and shim-unsigned-x64 security update
An update for grub2, mokutil, shim, and shim-unsigned-x64 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...