2 matches found
grub2: Integer overflow in initrd size handling
Integer overflows were discovered in the functions grubcmdinitrd and grubinitrdinit in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu the functionality is not included in GRUB2 upstream, leading to a heap-based buffer overflow. These could be triggered by an extremely...
Debian DSA-4735-1 : grub2 - security update
Several vulnerabilities have been discovered in the GRUB2 bootloader. - CVE-2020-10713 A flaw in the grub.cfg parsing code was found allowing to break UEFI Secure Boot and load arbitrary code. Details can be found at https://www.eclypsium.com/2020/07/29/theres-a-hole-in-th e-boot/ - CVE-2020-1430...