18 matches found
MiracleLinux 9 : grub2-2.06-70.el9_3.2.ML.1 (AXSA:2024-7491:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7491:01 advisory. grub2: bypass the GRUB password protection feature CVE-2023-4001 Tenable has extracted the preceding description block directly from the MiracleLinux securit...
TencentOS Server 4: grub2 (TSSA-2024:0949)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0949 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CVE-2023-4001 affecting package grub2 for versions less than 2.12-1
CVE-2023-4001 affecting package grub2 for versions less than 2.12-1. A patched version of the package is available...
Amazon Linux 2023 : grub2-common, grub2-efi-aa64, grub2-efi-aa64-cdboot (ALAS2023-2024-555)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-555 advisory. The /boot/efi/EFI/fedora/grub.cfg configuration file allows an unprivileged user with physical access to a computer to bypass the GRUB password protection feature on many but not all UEFI-based systems...
Medium: grub2
Issue Overview: The "/boot/efi/EFI/fedora/grub.cfg" configuration file allows an unprivileged user with physical access to a computer to bypass the GRUB password protection feature on many but not all UEFI-based systems. CVE-2023-4001 Affected Packages: grub2 Issue Correction: Run dnf update grub...
Fedora 38 : grub2 (2024-633dc7e183)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-633dc7e183 advisory. Combined update for several fixes as well as security fix for CVE-2023-4001 Mon Jan 15 2024 Nicolas Frayer - 2.06-114 grub-core/commands: add flag t...
Oracle Linux 9 : grub2 (ELSA-2024-0468)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0468 advisory. 2.06-70.0.2.2 - search command: add flag to only search root dev - Resolves: CVE-2023-4001 Tenable has extracted the preceding description block directly from t...
AlmaLinux 9 : grub2 (ALSA-2024:0468)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:0468 advisory. - An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a device to search for the configuration file that contains the passwor...
Moderate: Red Hat Security Advisory: grub2 security update
An update for grub2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: Red Hat Security Advisory: grub2 security update
An update for grub2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
grub2 security update
2.06-70.0.2.2 - search command: add flag to only search root dev - Resolves: CVE-2023-4001...
ALSA-2024:0468 Moderate: grub2 security update
The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2: bypass the...
Moderate: grub2 security update
The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular architecture. The packages support a variety of kernel formats, file systems, computer architectures, and hardware devices. Security Fixes: grub2: bypass the...
RHEL 9 : grub2 (RHSA-2024:0468)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0468 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...
RHEL 9 : grub2 (RHSA-2024:0456)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0456 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...
RHEL 9 : grub2 (RHSA-2024:0437)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0437 advisory. The grub2 packages provide version 2 of the Grand Unified Boot Loader GRUB, a highly configurable and customizable boot loader with modular...
CVE-2023-4001
CVE-2023-4001 affects GRUB2 on certain downstream Red Hat patches where an attacker with physical access can bypass GRUB password protection by using a removable drive with a duplicate UUID to locate the config file containing the password hash. The issue was introduced in a downstream patch (not...
BELL-CVE-2023-4001 CVE-2023-4001 does not affect BellSoft software
Bulletin has no description...