Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: grub2 (UTSA-2026-017480)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017480 advisory. A flaw was found in grub2 in versions prior to 2.06. Setparamprefix in the menu rendering code performs a length calculation on the assumption that expressing a quot...

Grub2: use-after-free in net_set_vlan

...

Linux Distros Unpatched Vulnerability : CVE-2020-15706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GRUB2 contains a race condition in grubscriptfunctioncreate leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the...

The vulnerability of the HFS File System Handler component in the Grub (Grub2) operating system allows a perpetrator to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the HFS File System Handler component in the Grub Grub2 operating system is related to buffer overflows in dynamic memory. Exploiting this vulnerability can allow an attacker to influence the confidentiality, integrity, and accessibility of protected information...

grub2 security vulnerability

grub2 is a Linux system boot program from the American GNU community. A security vulnerability exists in grub2 that stems from GRUB using the device's UUID to search for a configuration file containing a password hash for GRUB's password protection feature, resulting in an authentication bypass...

grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass

A flaw was found where a maliciously crafted pf2 font could lead to an out-of-bounds write in grub2. A successful attack can lead to memory corruption and secure boot circumvention...

grub2: Out-of-bound write when handling split HTTP headers

A flaw was found in grub2 when handling split HTTP headers. While processing a split HTTP header, grub2 wrongly advances its control pointer to the internal buffer by one position, which can lead to an out-of-bounds write. This flaw allows an attacker to leverage this issue by crafting a maliciou...

grub2: Integer underflow in grub_net_recv_ip4_packets

A flaw was found in grub2 when handling IPv4 packets. This flaw allows an attacker to craft a malicious packet, triggering an integer underflow in grub code. Consequently, the memory allocation for handling the packet data may be smaller than the size needed. This issue causes an out-of-bands wri...

DEBIAN-CVE-2021-3981

A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted passwords present in...

grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled

A flaw was found in grub2. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this...

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

grub2: Stack buffer overflow in grub_parser_split_cmdline()

A flaw was found in grub2. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with...

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

grub2: cutmem command allows privileged user to remove memory regions when Secure Boot is enabled

A flaw was found in grub2. The cutmem command does not honor secure boot locking allowing an privileged attacker to remove address ranges from memory creating an opportunity to circumvent SecureBoot protections after proper triage about grub's memory layout. The highest threat from this...

grub2: Heap out-of-bounds write in short form option parser

A flaw was found in grub2. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste...

grub2: Out-of-bounds write in grub_usb_device_initialize()

A flaw was found in grub2. During USB device initialization, descriptors are read with very little bounds checking and assumes the USB device is providing sane values. If properly exploited, an attacker could trigger memory corruption leading to arbitrary code execution allowing a bypass of the...

grub2: Use-after-free in rmmod command

A flaw was found in grub2. The rmmod implementation allows the unloading of a module used as a dependency without checking if any other dependent module is still loaded leading to a use-after-free scenario. This could allow arbitrary code to be executed or a bypass of Secure Boot protections. The...

grub2: Heap out-of-bounds write in short form option parser

A flaw was found in grub2. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste...

grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled

A flaw was found in GRUB 2, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table SSDT containing code to overwrite the Linux kernel lockdown variable content direct...

grub2: Fail kernel validation without shim protocol

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim...