Astra Linux - уязвимость в grub2

A buffer overflow was detected in grubfontconstructglyph. A maliciously crafted pf2 font can cause an overflow when calculating the maxglyphsize value. This results in allocating a buffer that is smaller than necessary for the glyph, leading to another buffer overflow and an out-of-bounds write t...

CentOS 7 : grub2 (RHSA-2024:2002)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2002 advisory. - A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value, allocatin...

Amazon Linux 2 : grub2 (ALAS-2023-2146)

The version of grub2 installed on the remote host is prior to 2.06-14. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2146 advisory. A flaw was found in grub 2, where a crafted 16-bit grayscale PNG image may lead to an out-of-bounds write. This flaw allows ...

SUSE CVE-2022-2601

A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may...

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2023-1317)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass

A flaw was found where a maliciously crafted pf2 font could lead to an out-of-bounds write in grub2. A successful attack can lead to memory corruption and secure boot circumvention...

CVE-2022-2601

A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may...

CVE-2022-2601

A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may...

CVE-2022-2601

A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may...

DEBIAN-CVE-2022-2601

A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may...

AZL-11604 CVE-2022-2601 affecting package grub2 for versions less than 2.06-8

A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may...

AZL-34787 CVE-2022-2601 affecting package grub2 for versions less than 2.06-14

A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may...

UBUNTU-CVE-2022-2601

A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may...

CVE-2022-2601

The CVE-2022-2601 issue is a vulnerability in grub2’s font rendering path: a crafted pf2 font causes an overflow in grub_font_construct_glyph(), which can allocate too small a buffer for a glyph and trigger a heap-based out-of-bounds write. This vulnerability can be exploited to bypass Secure Boo...

CVE-2022-2601

A buffer overflow was found in grubfontconstructglyph. A malicious crafted pf2 font can lead to an overflow when calculating the maxglyphsize value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may...

grub2: Buffer overflow in grub_font_construct_glyph() can lead to out-of-bound write and possible secure boot bypass

A flaw was found where a maliciously crafted pf2 font could lead to an out-of-bounds write in grub2. A successful attack can lead to memory corruption and secure boot circumvention...

CVE-2022-2601

A flaw was found where a maliciously crafted pf2 font could lead to an out-of-bounds write in grub2. A successful attack can lead to memory corruption and secure boot circumvention...