3621 matches found
Astra Linux – Vulnerability in edk2
The Ubuntu edk2 UEFI firmware packages accidentally allowed access to the UEFI Shell in Secure Boot environments, potentially enabling bypass of Secure Boot restrictions. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some earlier versions introduced a security measure base...
Astra Linux – Vulnerability in edk2
In Ubuntu’s EDK2, a insecure default setting was left enabled, allowing UEFI Shell to be used. This enables an attacker with access to the operating system to bypass Secure Boot...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2 in versions prior to 2.06. The cutmem command does not honor secure boot locking, allowing a privileged attacker to remove address ranges from memory. This creates an opportunity to circumvent SecureBoot protections after proper analysis of grub’s memory layout. The...
Astra Linux – Vulnerability in grub2
A crafted 16-bit grayscale PNG image may lead to an out-of-bounds write in the heap area. An attacker may exploit this to cause heap data corruption or, ultimately, arbitrary code execution and circumvent secure boot protections. This issue is highly complex to exploit; an attacker needs to perfo...
Astra Linux – Vulnerability in grub2
A carefully crafted JPEG image may cause the JPEG reader to underflow its data pointer, allowing user-controlled data to be written into the heap. For the attack to succeed, the attacker must analyze the heap layout and create an image with malicious format and payloads. This vulnerability can le...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: EFI: Do not import certificates from UEFI Secure Boot for T2 Macs. On Apple T2 Macs, when Linux attempts to read the db and dbx EFI variables during early boot to load UEFI Secure Boot certificates, a page fault occurs in the...
Astra Linux – Vulnerability in grub2
The GRUB2’s shimlock verifier allows non-kernel files to be loaded on shim-powered secure boot systems. Allowing such files to be loaded may lead to unverified code and modules being loaded in GRUB2, thereby breaking the secure boot trust-chain...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2 in versions prior to 2.06. Variable names present in the supplied command line are expanded into their corresponding variable contents, using a 1 kB stack buffer for temporary storage. However, there is insufficient bounds checking. If the function is called with a...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read without sufficient bounds checking, assuming that the USB device provides valid values. If exploited properly, an attacker could cause memory corruption, leading to arbitrary code...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2 in versions prior to 2.06. The rmmod implementation allows the unloading of a module that serves as a dependency without checking whether any other dependent modules are still loaded, resulting in a “use-after-free” scenario. This could allow arbitrary code to be...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2 in versions prior to 2.06, where it incorrectly enabled the use of the ACPI command when Secure Boot was enabled. This flaw allows an attacker with privileged access to create a Secondary System Description Table SSDT containing code that can overwrite the Linux...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2. When reading the name of a symbolic link from a UFS filesystem, grub2 fails to validate the string length provided as input. This lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and potentially allowing an attacker to...
Astra Linux – Vulnerability in grub2
A flaw was discovered in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It’s possible to cause the allocation length to overflow with a specially crafted tar file, resulti...
Astra Linux – Vulnerability in grub2
A buffer overflow was detected in grubfontconstructglyph. A maliciously crafted pf2 font can cause an overflow when calculating the maxglyphsize value. This results in allocating a buffer that is smaller than necessary for the glyph, leading to another buffer overflow and an out-of-bounds write t...
Astra Linux – Vulnerability in grub2
A out-of-bounds write flaw was discovered in grub2’s NTFS filesystem driver. This issue may allow an attacker to present a specially crafted NTFS filesystem image, resulting in corruption of grub’s heap metadata. In some cases, the attack may also corrupt the UEFI firmware heap metadata. As a...
Astra Linux – Vulnerability in Linux
The Linux kernel up to version 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database also known as dbx protection mechanism. This issue affects the certs/blacklist.c and certs/systemkeyring.c files...
CVE-2026-40003
ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in the USB download mode to write data to any location in BootROM runtime memory, thereby overwriting the stack, hijacking the execution flow,...
CVE-2026-41097
Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
EUVD-2026-29685
Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...
CVE-2026-41097
Reliance on a component that is not updateable in Windows Secure Boot allows an authorized attacker to bypass a security feature locally...