59 matches found
Oracle Linux 7 : grub2 (ELSA-2026-5233)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5233 advisory. - Unregister gettext command on module unload CVE-2025-61662Orabug: 39112125 - Fix OOB write in grubnetsearchconfigfile CVE-2025-0624 Orabug: 37770226 - Add to...
MiracleLinux 7 : grub2-2.02-0.87.11.0.1.el7.AXS7 (AXSA:2022-4404:04)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4404:04 advisory. grub2: Integer underflow in grubnetrecvip4packets CVE-2022-28733 Tenable has extracted the preceding description block directly from the MiracleLinux securit...
TencentOS Server 2: grub2 (TSSA-2022:0288)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0288 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
CentOS 7 : grub2 (RHSA-2022:8900)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:8900 advisory. - Integer underflow in grubnetrecvip4packets; A malicious crafted IP packet can lead to an integer underflow in grubnetrecvip4packets function on rsm-totallen...
CLSA-2024-1724266264 grub2: Fix of 12 CVEs
Fix package version number - Use CloudLinux vendor cert - Make this package installable only on a system having Cloudlinux signed components: grub2 and kernel - Add patches from centos-8.5 ELS: - CVE-2021-3695: out-of-bounds write in the heap area by a crafted 16-bit grayscale PNG image -...
CBL Mariner 2.0 Security Update: grub2 (CVE-2022-28733)
The version of grub2 installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-28733 advisory. - Integer underflow in grubnetrecvip4packets; A malicious crafted IP packet can lead to an integer underflow in...
CVE-2022-28733 affecting package grub2 for versions less than 2.06-14
CVE-2022-28733 affecting package grub2 for versions less than 2.06-14. A patched version of the package is available...
CVE-2022-28733 affecting package grub2 for versions less than 2.06-12
CVE-2022-28733 affecting package grub2 for versions less than 2.06-12. A patched version of the package is available...
BELL-CVE-2022-28733 CVE-2022-28733 does not affect BellSoft software
Bulletin has no description...
AZL-34788 CVE-2022-28733 affecting package grub2 for versions less than 2.06-14
Integer underflow in grubnetrecvip4packets; A malicious crafted IP packet can lead to an integer underflow in grubnetrecvip4packets function on rsm-totallen value. Under certain circumstances the totallen value may end up wrapping around to a small integer number which will be used in memory...
AZL-27553 CVE-2022-28733 affecting package grub2 for versions less than 2.06-12
Integer underflow in grubnetrecvip4packets; A malicious crafted IP packet can lead to an integer underflow in grubnetrecvip4packets function on rsm-totallen value. Under certain circumstances the totallen value may end up wrapping around to a small integer number which will be used in memory...
CVE-2022-28733
Integer underflow in grubnetrecvip4packets; A malicious crafted IP packet can lead to an integer underflow in grubnetrecvip4packets function on rsm-totallen value. Under certain circumstances the totallen value may end up wrapping around to a small integer number which will be used in memory...
CVE-2022-28733
CVE-2022-28733 is a real grub2 vulnerability: an integer underflow in grub_net_recv_ip4_packets when processing IPv4 packets can cause a small rsm->total_len to wrap, potentially triggering a write past the end of a memory buffer. Public advisories (Debian DSA, Red Hat/NVD references) and vend...
CVE-2022-28733 Integer underflow in grub_net_recv_ip4_packets
Integer underflow in grubnetrecvip4packets; A malicious crafted IP packet can lead to an integer underflow in grubnetrecvip4packets function on rsm-totallen value. Under certain circumstances the totallen value may end up wrapping around to a small integer number which will be used in memory...
CVE-2022-28733
Integer underflow in grubnetrecvip4packets; A malicious crafted IP packet can lead to an integer underflow in grubnetrecvip4packets function on rsm-totallen value. Under certain circumstances the totallen value may end up wrapping around to a small integer number which will be used in memory...
F5 Networks BIG-IP : GRUB2 vulnerability (K000132893)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000132893 advisory. - Integer underflow in grubnetrecvip4packets; A malicious crafted IP packet can lead to an integer underflow in...
Oracle Linux 8 : grub2 (ELSA-2022-9471)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9471 advisory. - Add CVE-2022-28736 to the list JIRA: OLDIS-16371 - Fix: CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734, CVE-2022-28735...
Amazon Linux 2023 : grub2-common, grub2-efi-aa64, grub2-efi-aa64-cdboot (ALAS2023-2023-020)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-020 advisory. A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows an attacker to corrupt the data on the heap portion of the grub2's...
Advisory ROSA-SA-2023-2112
Software: grub2 2.02 OS: rosa-server79 packageevrstring: grub2-2.02-0.87 CVE-ID: CVE-2022-28733 BDU-ID: 2022-03372 CVE-Crit: HIGH CVE-DESC: A vulnerability in the grubnetrecvip4packets function of the Grub operating systems bootloader program is related to integer overflow. Exploitation of the...
Security Bulletin: IBM Security Verify Access Appliance includes components with known vulnerabilities
Summary Multiple Security Vulnerabilities were found in the IBM Security Verify Access ISVA Appliance Operating System layer. These vulnerabilities have been addressed in ISVA 10.0.5.0, which is linked below. Vulnerability Details CVEID:CVE-2022-2526 DESCRIPTION: systemd could allow a remote...