Lucene search
K

86 matches found

RedhatCVE
RedhatCVE
added 2024/12/29 2:58 p.m.17 views

CVE-2024-56737

A flaw was found in the HFS file system driver in grub2. This issue allows a local attacker to trigger a heap-based buffer overflow via a specially crafted sblock in a malicious HFS file system, causing memory corruption, unexpected behavior, and denial of service. Mitigation Do not run grub2 in ...

7.8CVSS8.5AI score0.00721EPSS
Exploits0References4
OSV
OSV
added 2024/12/29 7:15 a.m.6 views

AZL-54683 CVE-2024-56737 affecting package grub2 for versions less than 2.06-15

GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem...

8.8CVSS7.1AI score0.00721EPSS
Exploits0References1
OSV
OSV
added 2024/12/29 7:15 a.m.1 views

DEBIAN-CVE-2024-56737

GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem...

8.8CVSS7.2AI score0.00721EPSS
Exploits0References1
OSV
OSV
added 2024/12/29 7:15 a.m.10 views

AZL-54692 CVE-2024-56738 affecting package grub2 2.06-16

GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grubcryptomemcmp and thus allows side-channel attacks...

5.3CVSS7.3AI score0.00386EPSS
Exploits0References1
NVD
NVD
added 2024/12/29 7:15 a.m.16 views

CVE-2024-56737

GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem...

8.8CVSS0.00721EPSS
Exploits0References1
OSV
OSV
added 2024/12/29 7:15 a.m.8 views

CVE-2024-56738

GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grubcryptomemcmp and thus allows side-channel attacks...

5.3CVSS6.7AI score
Exploits0References1
NVD
NVD
added 2024/12/29 7:15 a.m.16 views

CVE-2024-56738

GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grubcryptomemcmp and thus allows side-channel attacks...

5.3CVSS0.00386EPSS
Exploits0References1
OSV
OSV
added 2024/12/29 7:15 a.m.13 views

CVE-2024-56737

GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem...

8.8CVSS7.2AI score
Exploits0References1
CVE
CVE
added 2024/12/29 12:0 a.m.86 views

CVE-2024-56738

CVE-2024-56738 details (Mode C): GNU GRUB (GRUB2) up to version 2.12 is affected because grub_crypto_memcmp is not implemented in constant time, enabling potential side-channel attacks. Connected Nessus entries for EulerOS/Virt show the same CVE-2024-56738 claim and reference. The description doe...

5.3CVSS7AI score0.00386EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/12/29 12:0 a.m.37 views

CVE-2024-56738

GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grubcryptomemcmp and thus allows side-channel attacks...

0.00386EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/29 12:0 a.m.7 views

CVE-2024-56738

GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grubcryptomemcmp and thus allows side-channel attacks...

5.3AI score0.00386EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/29 12:0 a.m.26 views

CVE-2024-56737

GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem...

0.00721EPSS
Exploits0References1
CVE
CVE
added 2024/12/29 12:0 a.m.118 views

CVE-2024-56737

The CVE-2024-56737 issue affects GNU GRUB (GRUB2) up to version 2.12, with a heap-based buffer overflow in fs/hfs.c triggered by crafted sblock data on an HFS filesystem. Connected advisories reiter the flaw in grub2 and reference patched packages across platforms (e.g., grub2 2.06-14/61 notes in...

8.8CVSS7.4AI score0.00721EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/29 12:0 a.m.16 views

CVE-2024-56737

GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem...

7.3AI score0.00721EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/29 12:0 a.m.3 views

PT-2024-37048

Name of the Vulnerable Software and Affected Versions GNU GRUB aka GRUB2 versions 2.12 and earlier Description The issue is related to the use of a non-constant time algorithm for grub crypto memcmp, which allows side-channel attacks. This means that an attacker could potentially exploit the...

5.3CVSS7AI score0.00386EPSS
Exploits0References53
Debian CVE
Debian CVE
added 2024/12/29 12:0 a.m.8 views

CVE-2024-56737

GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem...

8.8CVSS7.2AI score0.00721EPSS
Exploits0
Debian CVE
Debian CVE
added 2024/12/29 12:0 a.m.8 views

CVE-2024-56738

GNU GRUB aka GRUB2 through 2.12 does not use a constant-time algorithm for grubcryptomemcmp and thus allows side-channel attacks...

5.3CVSS7AI score0.00386EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/12/26 12:0 a.m.2 views

PT-2024-9919 · Gnu Grub +3 · Gnu Grub +3

Name of the Vulnerable Software and Affected Versions: GNU GRUB aka GRUB2 versions through 2.12 Description: The issue is a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem. This can allow a remote attacker to impact the confidentiality, integrity, and...

10CVSS6.5AI score0.01373EPSS
Exploits1References190
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.5 views

SUSE CVE-2013-4577

A certain Debian patch for GNU GRUB uses world-readable permissions for grub.cfg, which allows local users to obtain password hashes, as demonstrated by reading the passwordpbkdf2 directive in the file...

2.1CVSS6.7AI score0.00384EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:43 a.m.3 views

SUSE CVE-2017-10929

The grubmemmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted binary file, possibly related to a read overflow in the...

7.8CVSS7.8AI score0.01911EPSS
Exploits0References3
Rows per page
Query Builder