grub2: Heap out-of-bounds write due to miscalculation of space required for quoting
A flaw was found in grub2. Setparamprefix in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters which allows an attacker to corrupt memory by one byte for each quote in th...